CVE-2006-0994

Multiple Sophos Anti-Virus products, including Anti-Virus for Windows 5.x before 5.2.1 and 4.x before 4.05, when cabinet file inspection is enabled, allows remote attackers to execute arbitrary code via a CAB file with "invalid folder count values," which leads to heap corruption.

Date published : 2006-05-10

http://www.securityfocus.com/bid/17876

http://www.securityfocus.com/archive/1/433272/100/0/threaded