Heap-based buffer overflow in alwil avast! Anti-virus Engine before 4.7.869 allows remote attackers to execute arbitrary code via a crafted LHA file that contains extended headers with file and directory names whose concatenation triggers the overflow. This vulnerability is addressed in the following product releases:
ALWIL, avast! antivirus, 4.7.869 (for Desktops)
ALWIL, avast! antivirus, Server 4.7.660 (for Servers)
Publication date: Fri, 08 Sep 2006 02:04:00 +0000