Vulnerabilities > Sophos > Medium

DATE CVE VULNERABILITY TITLE RISK
2016-08-10 CVE-2016-6597 7PK - Security Features vulnerability in Sophos Mobile Control EAS Proxy
Sophos EAS Proxy before 6.2.0 for Sophos Mobile Control, when Lotus Traveler is enabled, allows remote attackers to access arbitrary web-resources from the backend mail system via a request for the resource, aka an Open Reverse Proxy vulnerability.
network
low complexity
sophos CWE-254
5.0
2016-04-06 CVE-2016-3968 Cross-site Scripting vulnerability in Sophos products
Multiple cross-site scripting (XSS) vulnerabilities in Sophos Cyberoam CR100iNG UTM appliance with firmware 10.6.3 MR-1 build 503, CR35iNG UTM appliance with firmware 10.6.2 MR-1 build 383, and CR35iNG UTM appliance with firmware 10.6.2 Build 378 allow remote attackers to inject arbitrary web script or HTML via the (1) ipFamily parameter to corporate/webpages/trafficdiscovery/LiveConnections.jsp; the (2) ipFamily, (3) applicationname, or (4) username parameter to corporate/webpages/trafficdiscovery/LiveConnectionDetail.jsp; or the (5) X-Forwarded-For HTTP header.
network
sophos CWE-79
4.3
2016-02-17 CVE-2016-2046 Cross-site Scripting vulnerability in Sophos Unified Threat Management Software
Cross-site scripting (XSS) vulnerability in the UserPortal page in SOPHOS UTM before 9.353 allows remote attackers to inject arbitrary web script or HTML via the lang parameter.
network
sophos CWE-79
4.3
2016-01-14 CVE-2016-0777 Information Exposure vulnerability in multiple products
The resend_bytes function in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2 allows remote servers to obtain sensitive information from process memory by requesting transmission of an entire buffer, as demonstrated by reading a private key.
network
low complexity
sophos oracle openbsd hp apple CWE-200
6.5
2016-01-14 CVE-2015-8605 Improper Input Validation vulnerability in multiple products
ISC DHCP 4.x before 4.1-ESV-R12-P1, 4.2.x, and 4.3.x before 4.3.3-P1 allows remote attackers to cause a denial of service (application crash) via an invalid length field in a UDP IPv4 packet.
5.7
2014-07-22 CVE-2014-2385 Cross-Site Scripting vulnerability in Sophos Anti-Virus 9.5.1
Multiple cross-site scripting (XSS) vulnerabilities in the web UI in Sophos Anti-Virus for Linux before 9.6.1 allow local users to inject arbitrary web script or HTML via the (1) newListList:ExcludeFileOnExpression, (2) newListList:ExcludeFilesystems, or (3) newListList:ExcludeMountPaths parameter to exclusion/configure or (4) text:EmailServer or (5) newListList:Email parameter to notification/configure.
network
sophos CWE-79
4.3
2014-06-25 CVE-2014-2005 Improper Authentication vulnerability in Sophos Enterprise Console 5.1/5.2/5.2.1
Sophos Disk Encryption (SDE) 5.x in Sophos Enterprise Console (SEC) 5.x before 5.2.2 does not enforce intended authentication requirements for a resume action from sleep mode, which allows physically proximate attackers to obtain desktop access by leveraging the absence of a login screen.
local
sophos CWE-287
6.9
2014-03-18 CVE-2013-2643 Cross-Site Scripting vulnerability in Sophos web Appliance and web Appliance Firmware
Multiple cross-site scripting (XSS) vulnerabilities in Sophos Web Appliance before 3.7.8.2 allow remote attackers to inject arbitrary web script or HTML via the (1) xss parameter in an allow action to rss.php, (2) msg parameter to end-user/errdoc.php, (3) h parameter to end-user/ftp_redirect.php, or (4) threat parameter to the Blocked component.
network
sophos CWE-79
4.3
2014-03-18 CVE-2013-2641 Path Traversal vulnerability in Sophos web Appliance and web Appliance Firmware
Directory traversal vulnerability in patience.cgi in Sophos Web Appliance before 3.7.8.2 allows remote attackers to read arbitrary files via the id parameter.
network
low complexity
sophos CWE-22
5.0
2014-02-10 CVE-2014-1213 Permissions, Privileges, and Access Controls vulnerability in Sophos Scanning Engine and Sophos Anti-Virus
Sophos Anti-Virus engine (SAVi) before 3.50.1, as used in VDL 4.97G 9.7.x before 9.7.9, 10.0.x before 10.0.11, and 10.3.x before 10.3.1 does not set an ACL for certain global and session objects, which allows local users to bypass anti-virus protection, cause a denial of service (resource consumption, CPU consumption, and eventual crash) or spoof "ready for update" messages by performing certain operations on mutexes or events including (1) DataUpdateRequest, (2) MmfMutexSAV-****, (3) MmfMutexSAV-Info, (4) ReadyForUpdateSAV-****, (5) ReadyForUpdateSAV-Info, (6) SAV-****, (7) SAV-Info, (8) StateChange, (9) SuspendedSAV-****, (10) SuspendedSAV-Info, (11) UpdateComplete, (12) UpdateMutex, (13) UpdateRequest, or (14) SophosALMonSessionInstance, as demonstrated by triggering a ReadyForUpdateSAV event and modifying the UpdateComplete, UpdateMutex, and UpdateRequest objects.
local
low complexity
sophos CWE-264
5.6