[原文]Stack-based buffer overflow in AhnLab V3Pro 2004 build 184.108.40.2063, V3 VirusBlock 2005 build 220.127.116.113, and V3Net for Windows Server 6.0 build 18.104.22.1683 allows remote attackers to execute arbitrary code via a long filname in an ACE archive.
AhnLab V3 Anti-Virus ACE Archive Decompression Long Filename Overflow
Remote / Network Access
Loss of Integrity
A remote overflow exists in various AhnLab V3 products. The ACE archive decompression library fails to perform proper bounds checking resulting in a buffer overflow. With a specially crafted ACE archive containing a compressed file with an overly long filename, a remote attacker can cause arbitrary code execution resulting in a loss of integrity.
Upgrade to version 22.214.171.1247 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.