CVE-2005-2385

Name of the Vulnerable Software and Affected Versions avast! Antivirus Home/Professional Edition versions 4.6.665 avast! Antivirus Server Edition version 4.6.460

Description The issue is related to a buffer overflow in a third-party compression library, specifically UNACEV2.DLL, which is used in avast! Antivirus. This buffer overflow can be triggered by an ACE archive that contains a long filename, allowing remote attackers to execute arbitrary code.

Recommendations For avast! Antivirus Home/Professional Edition version 4.6.665, update to a version that does not use the vulnerable UNACEV2.DLL library. For avast! Antivirus Server Edition version 4.6.460, update to a version that does not use the vulnerable UNACEV2.DLL library. As a temporary workaround, consider avoiding the use of ACE archives until a patch is available.