Eset Software NOD32 Antivirus Local Buffer Overflow Vulnerability

A vulnerability has been discovered in NOD32 for the Unix and Linux operating systems. The problem occurs when scanning a directory path of excessive length. When the malicious path is processed sensitive locations in memory may be corrupted.

An attacker could exploit this issue by creating a malicious directory containing a name of excessive length. This issue can be triggered by coaxing a user to scan the location with NOD32. By exploiting this issue to execute code it is possible run arbitrary commands with the privileges of the user running NOD32.

This issue affects NOD32 versions 1.012 and earlier.


Privacy Statement
Copyright 2010, SecurityFocus