GCVE - cpe:2.3:a:sophos:anti-virus:*:*:*:*:*:linux_kernel:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:sophos:anti-virus:*:*:*:*:*:linux_kernel:*:*

part: a version: * update: *

Vendor	Sophos (`a481dca1-298d-56ee-9d5c-373f6e8cead2`)
Product	Anti Virus (`fe833381-1f07-55be-b3b0-4dc5bcaf36ad`)
Edition	*
Language	*
Software edition	*
Target software	linux_kernel
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2014-2385`	vulnerable	2026-06-03 14:33:50.785119	Details available Multiple cross-site scripting (XSS) vulnerabilities in the web UI in Sophos Anti-Virus for Linux before 9.6.1 allow local users to inject arbitrary web script or HTML via the (1) newListList:ExcludeFileOnExpression, (2) newListList:ExcludeFilesystems, or (3) newListList:ExcludeMountPaths parameter to exclusion/configure or (4) text:EmailServer or (5) newListList:Email parameter to notification/configure. Published: 2014-07-22T14:00:00.000Z Updated: 2024-08-06T10:14:25.889Z Open on db.gcve.eu Reference links http://www.securityfocus.com/archive/1/532558/100/0/threaded http://packetstormsecurity.com/files/127228/Sophos-Antivirus-9.5.1-Cross-Site-Scripting.html http://seclists.org/fulldisclosure/2014/Jun/126 https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-2385/ http://www.sophos.com/en-us/support/knowledgebase/121135.aspx	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.