In this section

• Home
• Support
• Knowledgebase
• Articles

Online support

• Knowledgebase
• Virus disinfection

Product maintenance

• Downloads and updates
• Documentation
• Software lifecycle

Contact support

• Talk to an expert
• Send a sample
• Email us

Support services

• Overview
• Technical Support
• Professional Services
• Technical Training

Advisory: Sophos Anti-Virus Library Remote Heap Overflow

A buffer overflow vulnerability has been discovered in some versions of Sophos Anti-Virus (SAV).

Sophos has seen no example of any virus or other malware attempting to exploit this vulnerability.

Sophos has released fixed versions of all its products to protect against this issue.

You should upgrade to versions that are unaffected.

Customers using EM Library and Sophos small business solutions will receive these updates automatically.

Sophos Anti-Virus	Affected versions	Non-affected versions	Update available
Sophos Anti-Virus for Windows 2000+ v 5	5.0.4 and below	5.0.5 and above	5 August 2005
Sophos Anti-Virus for Windows 95/98/Me v 4.5	4.5.3 and below	4.5.4 and above	22 July 2005
Sophos Anti-Virus for Windows NT v 4.5	4.5.3 and below	4.5.4 and above	22 July 2005
Sophos Anti-Virus for Windows NT/2000/XP/2003 v 3.x	3.95 and below	3.96.0 and above	22 July 2005
Sophos Anti-Virus for Windows 95/98/Me v 3.x	3.95 and below	3.96.0 and above	22 July 2005
Sophos Anti-Virus for Mac OS X v 4.6	4.6.2 and below	4.6.3 and above	5 August 2005
Sophos Anti-Virus for Mac OS 8/9	3.96 and below	3.9.7 and above	26 August 2005
Sophos Anti-Virus for UNIX/Linux	3.95 and below	3.96.0 and above	22 July 2005
Sophos Anti-Virus for NetWare	3.95 and below	3.96.0 and above	22 July 2005
Sophos Anti-Virus for OS/2	3.95 and below	3.96.0 and above	22 July 2005
Sophos Anti-Virus for OpenVMS	3.95 and below	3.96.0 and above	22 July 2005
Sophos Anti-Virus for DOS/Windows 3.1x	3.95 and below	3.96.0 and above	22 July 2005

Small business solutions	Affected versions	Non-affected versions	Update available
Sophos Anti-Virus Small Business Edition (Windows)	3.95 and below	3.96.0 and above	29 July 2005
Sophos Anti-Virus Small Business Edition (Mac)	3.95 and below	3.96.0 and above	1 August 2005
PureMessage Small Business Edition	3.95 and below	3.96.0 and above	29 July 2005

Gateway products	Affected versions	Non-affected versions	Update available
PureMessage for Windows/Exchange version 2.1 and above	SAV version 5.0.4 and below	SAV version 5.0.5 and above	5 August 2005
PureMessage for Windows/Exchange version 2.0.2 and below	SAV version 3.95.0 and below	SAV version 3.96.0 and above	29 July 2005
PureMessage for UNIX	SAV version 3.95.0 and below	SAV version 3.95.1 and above	15 July 2005
MailMonitor for SMTP - Windows	SAV version 3.95 and below	SAV version 3.96.0 and above	22 July 2005
MailMonitor for SMTP - Windows	SAV version 3.95 and below	SAV version 3.96.0 and above	22 July 2005
MailMonitor for Notes/Domino	SAV version 3.95 and below	SAV version 3.96.0 and above	22 July 2005
MailMonitor for Exchange	SAV version 3.95 and below	SAV version 3.96.0 and above	22 July 2005

Sophos thanks Alex Wheeler for his assistance in identifying this vulnerability.

If you need more information or guidance, then please contact technical support.

• Article ID: 13409
• Created: 27 Jul 2005
• Last updated: 5 Oct 2006

Rate this article Choose a rating Very useful Quite useful Moderately useful Not very useful Not useful at all

•  Read our search tips
• Contact one of our experts
• Suggest an improvement