May 23rd, 2007, 16:28 PM
Old and Cranky
ESET NOD32 AntiVirus Pathname Handling Remote Command Execution Vulnerabilities
Two vulnerabilities have been identified in ESET NOD32 AntiVirus, which could be exploited by attackers or malware to cause a denial of service or take complete control of an affected system. These issues are caused by stack overflow errors when handling files with a specially crafted path name, which could be exploited by attackers to execute arbitrary commands by tricking a vulnerable application into scanning a specially crafted file.
ESET NOD32 AntiVirus versions 2.x
ESET NOD32 AntiVirus versions 1.x
Upgrade to version 2.70.39 : http://www.eset.com/download/registered_software.php
*all credit goes to Donna* http://msmvps.com/blogs/donna/default.aspx