CVE-2005-4438

Name of the Vulnerable Software and Affected Versions Symantec Antivirus Library version 3.2.14.3

Description The issue is related to a heap-based buffer overflow in the Dec2Rar.dll component. This can be exploited by remote attackers through RAR archives with sub-block headers containing incorrect values in the length field, potentially allowing the execution of arbitrary code.

Recommendations For version 3.2.14.3, consider updating to a newer version that contains a fix for this issue, as using RAR archives with malformed sub-block headers can lead to arbitrary code execution. As a temporary workaround, restrict the handling of RAR archives to minimize the risk of exploitation.