Sophos HitmanPro.Alert Multiple Security Vulnerabilities

Sophos HitmanPro.Alert is prone to the following security vulnerabilities:

1. An information-disclosure vulnerability
2. A local privilege-escalation vulnerability

An attacker can leverage these issues to obtain sensitive information and gain elevated privileges. Failed exploit attempts may result in a denial of service condition.
Sophos HitmanPro.Alert is is vulnerable; other versions may also be affected.


Bugtraq ID: 105743
Class: Input Validation Error
CVE: CVE-2018-3970

Remote: No
Local: Yes
Published: Oct 25 2018 12:00AM
Updated: Oct 25 2018 12:00AM
Credit: Marcin 'Icewall' Noga of Cisco Talos.
Vulnerable: Sophos HitmanPro.Alert

Not Vulnerable:


Exploit codes are available; please see the references for more information.

Related Posts