Vulnerabilities > CVE-2005-2903 - Remote Buffer Overflow vulnerability in Eset Software Nod32 Antivirus 2.5
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Heap-based buffer overflow in NOD32 2.5 with nod32.002 1.033 build 1127, with active scanning enabled, allows remote attackers to execute arbitrary code via an ARJ archive containing a file with a long filename.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Nessus
| NASL family | Windows |
| NASL id | NOD32_ARJ_OVERFLOW.NASL |
| description | The remote host is running NOD32 Antivirus, from eset. The installed version of NOD32 Antivirus is reportedly prone to a heap-based buffer overflow when processing ARJ archives with long filenames. An attacker may be able to exploit this issue to execute arbitrary code on the remote host. |
| last seen | 2020-06-01 |
| modified | 2020-06-02 |
| plugin id | 19700 |
| published | 2005-09-14 |
| reporter | This script is Copyright (C) 2005-2018 Tenable Network Security, Inc. |
| source | https://www.tenable.com/plugins/nessus/19700 |
| title | NOD32 Antivirus ARJ Archive Filename Handling Overflow |