CVE-2005-2903

Name of the Vulnerable Software and Affected Versions NOD32 version 2.5 with nod32.002 1.033 build 1127

Description The issue is related to a heap-based buffer overflow that allows remote attackers to execute arbitrary code. This is achieved by using an ARJ archive containing a file with a long filename, exploiting the application's failure to perform proper bounds checking. The result is a loss of integrity due to arbitrary code execution.

Recommendations For NOD32 version 2.5 with nod32.002 1.033 build 1127, consider disabling active scanning until a patch is available to prevent exploitation via specially crafted ARJ archives. Restrict access to ARJ archives with long filenames to minimize the risk of arbitrary code execution.