VBA32 Personal Antivirus 3.12.8.x - malformed archive DoS Exploit

ID EDB-ID:6658
Type exploitdb
Reporter LiquidWorm
Modified 2008-10-03T00:00:00


VBA32 Personal Antivirus 3.12.8.x (malformed archive) DoS Exploit. CVE-2008-5667. Dos exploit for windows platform


VBA32 Personal Antivirus 3.12.8.x (malformed archive) Denial of Service PoC

Summary: Antivirus program for personal computers running Windows which
is a reliable and, it is crucial, quick tool to detect and neutralize computer viruses,
mail worms, trojan programs and other malware (backdoors, adware, spyware, etc)
in real time and by request.

Desc: VBA32 (VirusBlokAda) Personal Version 3.12.8.x suffers from a denial of service
vulnerability that causes memory corruption and causing the software to crash while
scanning a malformed archive.

Product web page: http://www.anti-virus.by/en/personal.html

Tested on Microsoft Windows XP SP2 (English)

Vulnerability discovered by Gjoko 'LiquidWorm' Krstic

liquidworm [t00t] gmail [m00t] com




https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/6658.rar (2008-vba32_poc.rar)

# milw0rm.com [2008-10-03]