03 October, 2008

VBA32 Personal Antivirus 3.12.8.x (malformed archive) Denial of Service PoC

Summary: An antivirus program for personal computers running Windows; a reliable and, crucially, quick tool to detect and neutralize computer viruses, mail worms, trojan programs and other malware (backdoors, adware, spyware, etc.) in real time and on request.

Desc: VBA32 (VirusBlokAda) Personal Version 3.12.8.x suffers from a denial of service vulnerability: scanning a malformed archive causes memory corruption and crashes the software.

Product web page: http://www.anti-virus.by/en/personal.html

Tested on Microsoft Windows XP SP2 (English)

Vulnerability discovered by Gjoko 'LiquidWorm' Krstic

liquidworm [t00t] gmail [m00t] com

http://www.zeroscience.org

03.10.2008

PoC: http://zeroscience.org/codes/vba32_poc.rar

http://www.milw0rm.com/exploits/6658
http://packetstormsecurity.org/filedesc/vba32-poc-tgz.html
http://www.sebug.net/exploit/4800/
http://www.securityfocus.com/bid/31560
http://heapoverflow.com/f0rums/public/9134-vba32-personal-antivirus-3-12-8-x-malformed-archive-dos-exploit.html
