Heap-based buffer overflow in NOD32 2.5 with nod32.002 1.033 build 1127, with active scanning enabled, allows remote attackers to execute arbitrary code via an ARJ archive containing a file with a long filename.
https://exchange.xforce.ibmcloud.com/vulnerabilities/22203
http://www.securityfocus.com/bid/14773