[原文]Buffer overflow in the archive decompression library (vrAZMain.dll 18.104.22.168), as used in HAURI anti-virus products including (1) ViRobot Expert 4.0, (2) ViRobot Advanced Server, and (3) HAURI LiveCall, allows user-assisted attackers to execute arbitrary code via an ALZ archive containing a file with a long filename.
A remote overflow exists in multiple HAURI anti-virus products. The issue is due to a boundary error in the archive decompression library when reading the filename of a compressed file from an ALZ archive resulting in a stack-based buffer overflow. With a specially crafted request, a remote attacker can execute arbitrary code resulting in a loss of integrity. This requires that compressed file scanning is enabled.
Upgrade to vrAZMain.dll version 22.214.171.124 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.