VBA32 Personal Antivirus 3.12.8.x (malformed archive) Denial of Service PoC

Summary: Antivirus program for personal computers running Windows which
is a reliable and, it is crucial, quick tool to detect and neutralize computer viruses,
mail worms, trojan programs and other malware (backdoors, adware, spyware, etc)
in real time and by request.

Desc: VBA32 (VirusBlokAda) Personal Version 3.12.8.x suffers from a denial of service
vulnerability that causes memory corruption and causing the software to crash while
scanning a malformed archive.

Product web page: http://www.anti-virus.by/en/personal.html

Tested on Microsoft Windows XP SP2 (English)

Vulnerability discovered by Gjoko 'LiquidWorm' Krstic

liquidworm [t00t] gmail [m00t] com

http://www.zeroscience.org

03.10.2008

PoC: http://zeroscience.org/codes/vba32_poc.rar