[原文]The "restore to" selection in the "quarantine a file" capability of ESET NOD32 before 2.51.26 allows a restore to any directory that permits read access by the invoking user, which allows local users to create new files despite write-access directory permissions.
NOD32 Antivirus Restore To Feature Arbitrary File Creation
Local Access Required
Loss of Integrity
NOD32 Antivirus contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered when the program does not drop its SYSTEM privileges before allowing a user to use the "Restore to..." feature to restore a quarantined file. This can be exploited to write a file to an arbitrary directory with SYSTEM privileges if a file with the given filename does not already exist. This flaw may lead to a loss of integrity.
Upgrade to version 2.51.26 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.