Sergio Alvarez has reported some vulnerabilities in NOD32 Antivirus, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system.

1) A race-condition error when processing CAB archives can be exploited to cause a heap corruption when e.g. scanning a specially crafted CAB archive.

Successful exploitation may allow execution of arbitrary code.

2) A divide-by-zero error when processing Aspack and FSG packed files can be exploited to e.g. crash the application via a specially crafted Aspack or FSG packed file.

3) An integer-overflow error when processing Aspack packed files can be exploited to cause an infinite loop and consume large amounts of CPU resources via a specially crafted Aspack packed file.

The vulnerabilities are reported in versions prior to update v.2.2289.

Solution
Apply update v.2.2289 or later.

Provided and/or discovered by
Sergio Alvarez, n.runs AG

Changelog
Further details available to Secunia VIM customers

Original Advisory
n.runs AG:
http://www.nruns.com/%5Bn.runs-SA-2007.016%5D%20-%20NOD32%20Antivirus%20CAB%20parsing%20Arbitrary%20Code%20Execution%20Advisory.txt
http://www.nruns.com/%5Bn.runs-SA-2007.018%5D%20-%20NOD32%20Antivirus%20ASPACK%20and%20FSG%20parsing%20Divide%20by%20Zero%20Advisory.txt
http://www.nruns.com/%5Bn.runs-SA-2007.017%5D%20-%20NOD32%20Antivirus%20ASPACK%20parsing%20Infinite%20Loop%20Advisory.txt

ESET:
http://www.eset.com/joomla/index.php?option=com_content&task=view&id=3469&Itemid=26

Deep Links
Links available to Secunia VIM customers