CVE-2015-8841

Name of the Vulnerable Software and Affected Versions ESET NOD32 versions before update 11861

Description The issue is related to a heap-based buffer overflow in the Archive support module. This can be exploited by remote attackers to execute arbitrary code via a large number of languages in an EPOC installation file of type SIS FILE MULTILANG. The vulnerability is caused by a buffer overflow in dynamic memory, which can allow a remote attacker to execute arbitrary code.

Recommendations For ESET NOD32 versions before update 11861, update to a version that includes update 11861 or later to resolve the issue. As a temporary workaround, consider restricting the use of the Archive support module until a patch is available. Avoid using the SIS FILE MULTILANG type in EPOC installation files with a large number of languages until the issue is resolved.