[原文]Stack-based buffer overflow in AVIRA Desktop for Windows 1.00.00.68 with AVPACK32.DLL 18.104.22.168, when archive scanning is enabled, allows remote attackers to execute arbitrary code via a long filename in an ACE archive.
A remote overflow exists in AVIRA Desktop for Windows. The 'AVPACK32.DLL' library fails to perform proper bounds checking resulting in a buffer overflow. With a specially crafted ACE archive containing a compressed file with an overly long filename, a remote attacker can cause arbitrary code execution resulting in a loss of integrity.
Currently, there are no known workarounds or upgrades to correct this issue. However, AVIRA has released a patch to address this vulnerability.