=====================================================================
                                   CERT-Renater

                        Note d'Information No. 2010/VULN211
_____________________________________________________________________

DATE                      : 16/06/2010

HARDWARE PLATFORM(S)      : /

OPERATING SYSTEM(S)       : Systems running Sophos Anti-Virus versions prior to 7.6.20, 9.

======================================================================
http://www.sophos.com/support/knowledgebase/article/111126.html
______________________________________________________________________

Sophos Anti-Virus vulnerability reported
Issue: Sophos Anti-Virus vulnerability discovered and fixed

This vulnerability allows local attackers to execute arbitrary code in
kernel space on vulnerable installations of Sophos Anti-Virus. Local
access to the system is required to leverage the vulnerability.

This has been fixed in Sophos Anti-Virus version 7.6.20 and all versions
of Sophos Anti-Virus 9 or later.

Sophos credits Cody Pierce of TippingPoint DVLabs with the discovery of
this vulnerability.

If you need more information or guidance, then please contact technical support.


======================================================================

          =========================================================
          Les serveurs de référence du CERT-Renater
          http://www.urec.fr/securite
          http://www.cru.fr/securite
          http://www.renater.fr
          =========================================================
          + CERT-RENATER          | tel : 01-53-94-20-44          +
          + 151 bd de l'Hopital   | fax : 01-53-94-20-41          +
          + 75013 Paris           | email: certsvp@renater.fr     +
          =========================================================