VBA32 Personal Antivirus 3.12.8.x (malformed archive) Denial of Service PoC

vendor:

VBA32 Personal Antivirus

by:

Gjoko 'LiquidWorm' Krstic

N/A

CVSS

N/A

Denial of Service

N/A

CWE

Product Name: VBA32 Personal Antivirus

Affected Version From: 3.12.8.x

Affected Version To: 3.12.8.x

Patch Exists: N/A

Related CWE: N/A

CPE: N/A

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: Microsoft Windows XP SP2 (English)

2008

VBA32 Personal Antivirus 3.12.8.x (malformed archive) Denial of Service PoC

VBA32 (VirusBlokAda) Personal Version 3.12.8.x suffers from a denial of service vulnerability that causes memory corruption and causing the software to crash while scanning a malformed archive.

Mitigation:

N/A

Source

Exploit-DB raw data:

------------------------------------------------------------------------------------------------------------------------------

VBA32 Personal Antivirus 3.12.8.x (malformed archive) Denial of Service PoC

Summary: Antivirus program for personal computers running Windows which
is a reliable and, it is crucial, quick tool to detect and neutralize computer viruses,
mail worms, trojan programs and other malware (backdoors, adware, spyware, etc)
in real time and by request.

Desc: VBA32 (VirusBlokAda) Personal Version 3.12.8.x suffers from a denial of service
vulnerability that causes memory corruption and causing the software to crash while
scanning a malformed archive.

Product web page: http://www.anti-virus.by/en/personal.html

Tested on Microsoft Windows XP SP2 (English)

Vulnerability discovered by Gjoko 'LiquidWorm' Krstic

liquidworm [t00t] gmail [m00t] com

http://www.zeroscience.org

03.10.2008

------------------------------------------------------------------------------------------------------------------------------

https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/6658.rar (2008-vba32_poc.rar)

# milw0rm.com [2008-10-03]