icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons_061

NOD32 < 2.51.26 Antivirus Local File Overwrite

High

Synopsis

The remote antivirus software can be tricked by local users into replacing system files.

Description

The remote host is running the NOD32 antivirus software. This software is vulnerable to a flaw where local users can execute arbitrary code by quarantining a file and then 'restoring' the file in such a manner that, when next executed, the file is run with SYSTEM privileges.

Solution

Upgrade to version 2.51.26 or higher.