Avast JetDb::IsExploited4x - Performs Unbounded Search on Input

2015-12-10T00:00:00
ID EDB-ID:38932
Type exploitdb
Reporter Google Security Research
Modified 2015-12-10T00:00:00

Description

Avast JetDb::IsExploited4x - Performs Unbounded Search on Input. Dos exploits for multiple platform

                                        
                                            Source: https://code.google.com/p/google-security-research/issues/detail?id=551

The attached Microsoft Access Database causes JetDb::IsExploited4x to be called, which contains an unbounded search for objects.

Proof of Concept:
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/38932.zip