houseofdabus

13 exploits Active since Jun 2004
CVE-2004-0209 EXPLOITDB c WORKING POC
Microsoft Windows 2000, Windows XP, and Windows Server 2003 - Remote Code Execution via WMF/EMF Image Processing
Unknown vulnerability in the Graphics Rendering Engine processes of Microsoft Windows 2000, Windows XP, and Windows Server 2003 allows remote attackers to execute arbitrary code via (1) Windows Metafile (WMF) or (2) Enhanced Metafile (EMF) image formats that involve "an unchecked buffer."
CVE-2004-0206 EXPLOITDB c WORKING POC
Microsoft Windows NetDDE - Remote Code Execution via Malicious Message
Network Dynamic Data Exchange (NetDDE) services for Microsoft Windows 98, Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 allows attackers to remotely execute arbitrary code or locally gain privileges via a malicious message or application that involves an "unchecked buffer," possibly a buffer overflow.
EIP-2026-118884 EXPLOITDB c WORKING POC
Microsoft Windows Plug-and-Play Service (French) - Remote Universal (MS05-039)
CVE-2005-1983 EXPLOITDB c WORKING POC
Microsoft Windows 2000 and XP SP1 - Stack-Based Buffer Overflow in Plug and Play Service
Stack-based buffer overflow in the Plug and Play (PnP) service for Microsoft Windows 2000 and Windows XP Service Pack 1 allows remote attackers to execute arbitrary code via a crafted packet, and local users to gain privileges via a malicious application, as exploited by the Zotob (aka Mytob) worm.
CVE-2005-1983 EXPLOITDB c WORKING POC
Microsoft Windows 2000 and XP SP1 - Stack-Based Buffer Overflow in Plug and Play Service
Stack-based buffer overflow in the Plug and Play (PnP) service for Microsoft Windows 2000 and Windows XP Service Pack 1 allows remote attackers to execute arbitrary code via a crafted packet, and local users to gain privileges via a malicious application, as exploited by the Zotob (aka Mytob) worm.
CVE-2003-0533 EXPLOITDB c WORKING POC
Microsoft Windows - Buffer Overflow
Stack-based buffer overflow in certain Active Directory service functions in LSASRV.DLL of the Local Security Authority Subsystem Service (LSASS) in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, XP SP1, Server 2003, NetMeeting, Windows 98, and Windows ME, allows remote attackers to execute arbitrary code via a packet that causes the DsRolerUpgradeDownlevelServer function to create long debug entries for the DCPROMO.LOG log file, as exploited by the Sasser worm.
CVE-2005-0416 EXPLOITDB c++ WORKING POC
Windows NT/2000/XP/2003 - Remote Code Execution via Animated Cursor Length Field
The Windows Animated Cursor (ANI) capability in Windows NT, Windows 2000 through SP4, Windows XP through SP1, and Windows 2003 allows remote attackers to execute arbitrary code via the AnimationHeaderBlock length field, which leads to a stack-based buffer overflow.
CVE-2005-0416 EXPLOITDB c WORKING POC
Windows NT/2000/XP/2003 - Remote Code Execution via Animated Cursor Length Field
The Windows Animated Cursor (ANI) capability in Windows NT, Windows 2000 through SP4, Windows XP through SP1, and Windows 2003 allows remote attackers to execute arbitrary code via the AnimationHeaderBlock length field, which leads to a stack-based buffer overflow.
CVE-2005-0059 EXPLOITDB c WORKING POC
Microsoft Windows 2000 and XP SP1 - Remote Code Execution via Message Queuing Buffer Overflow
Buffer overflow in the Message Queuing component of Microsoft Windows 2000 and Windows XP SP1 allows remote attackers to execute arbitrary code via a crafted message.
CVE-2004-0212 EXPLOITDB c WORKING POC
Avaya IP600 Media Servers - Stack-Based Buffer Overflow via Long Parameters in .job File
Stack-based buffer overflow in the Task Scheduler for Windows 2000 and XP, and Internet Explorer 6 on Windows NT 4.0, allows local or remote attackers to execute arbitrary code via a .job file containing long parameters, as demonstrated using Internet Explorer and accessing a .job file on an anonymous share.
CVE-2004-0445 EXPLOITDB c WORKING POC
Symantec Norton Internet Security <2004 - DoS
The SYMDNS.SYS driver in Symantec Norton Internet Security and Professional 2002 through 2004, Norton Personal Firewall 2002 through 2004, Norton AntiSpam 2004, Client Firewall 5.01 and 5.1.1, and Client Security 1.0 through 2.0 allows remote attackers to cause a denial of service (CPU consumption from infinite loop) via a DNS response with a compressed name pointer that points to itself.
CVE-2004-1109 EXPLOITDB c WORKING POC
Kerio Personal Firewall <= 4.1.1 - Denial of Service via Zero-Length IP Option Field
The FWDRV.SYS driver in Kerio Personal Firewall 4.1.1 and earlier allows remote attackers to cause a denial of service (CPU consumption and system freeze from infinite loop) via a (1) TCP, (2) UDP, or (3) ICMP packet with a zero length IP Option field.
CVE-2004-0790 EXPLOITDB c WORKING POC
TCP/IP ICMP Error Handling - Blind Connection Reset Denial of Service
Multiple TCP/IP and ICMP implementations allow remote attackers to cause a denial of service (reset TCP connections) via spoofed ICMP error messages, aka the "blind connection-reset attack." NOTE: CVE-2004-0790, CVE-2004-0791, and CVE-2004-1060 have been SPLIT based on different attacks; CVE-2005-0065, CVE-2005-0066, CVE-2005-0067, and CVE-2005-0068 are related identifiers that are SPLIT based on the underlying vulnerability. While CVE normally SPLITs based on vulnerability, the attack-based identifiers exist due to the variety and number of affected implementations and solutions that address the attacks instead of the underlying vulnerabilities.