Two vulnerabilities have been identified in ESET NOD32 AntiVirus, which could be exploited by attackers or malware to cause a denial of service or take complete control of an affected system. These issues are caused by stack overflow errors when handling files with a specially crafted path name, which could be exploited by attackers to execute arbitrary commands by tricking a vulnerable application into scanning a specially crafted file.

Affected Products

ESET NOD32 AntiVirus versions 2.x
ESET NOD32 AntiVirus versions 1.x

Solution

Upgrade to version 2.70.39 : http://www.eset.com/download/registered_software.php

References

http://www.frsirt.com/english/advisories/2007/1911
http://www.inkatel.com/wp-content/up...5/Advisory.txt

*all credit goes to Donna* http://msmvps.com/blogs/donna/default.aspx