[原文]Stack-based buffer overflow in AhnLab V3Pro 2004 build 22.214.171.1243, V3 VirusBlock 2005 build 126.96.36.1993, and V3Net for Windows Server 6.0 build 188.8.131.523 allows remote attackers to execute arbitrary code via a long filname in an ACE archive.
AhnLab V3 Anti-Virus ACE Archive Decompression Long Filename Overflow
Remote / Network Access
Loss of Integrity
A remote overflow exists in various AhnLab V3 products. The ACE archive decompression library fails to perform proper bounds checking resulting in a buffer overflow. With a specially crafted ACE archive containing a compressed file with an overly long filename, a remote attacker can cause arbitrary code execution resulting in a loss of integrity.
Upgrade to version 184.108.40.2067 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.