Secunia research has discovered a vulnerability in NOD32 Anti-Virus, which potentially can be exploited by malicious people to compromise a vulnerable system.

The vulnerability is caused due to an error in handling ARJ archives containing compressed files with overly long filename. This can be exploited to cause a heap-based buffer overflow when a specially crafted ARJ archive is scanned.

Successful exploitation may allow arbitrary code execution, but requires that archive scanning is enabled.

The vulnerability has been confirmed in NOD32 for Windows NT/2000/2003/XP Trial Version 2.5 (with nod32.002 version 1.033 build 1127). Other versions may also be affected.

Solution: Update to the latest version (nod32.002 version 1.034 build 1132) via online update.
Critical: Highly critical
Impact: System access
Where: From remote
Solution Status: Vendor Patch
Software: NOD32 for Windows NT/2000/XP 2.x

[Continue reading Secunia Advisory: SA16604]