CVE-2000-0828

Mobius DocumentDirect for the Internet 1.2 - Remote Code Execution via Long User-Agent Parameter

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2000-0828. PoCs published by wildcoyote.

AI-analyzed exploit summary This exploit targets multiple buffer overflow vulnerabilities in Mobius DocumentDirect for the Internet 1.2, allowing remote code execution or denial of service via crafted HTTP requests. It includes shellcode for a port-binding shell and demonstrates three distinct overflow methods.

Description

Buffer overflow in ddicgi.exe in Mobius DocumentDirect for the Internet 1.2 allows remote attackers to execute arbitrary commands via a long User-Agent parameter.

Exploits (1)

exploitdb WORKING POC VERIFIED
by wildcoyote · cremotewindows
https://www.exploit-db.com/exploits/20211

This exploit targets multiple buffer overflow vulnerabilities in Mobius DocumentDirect for the Internet 1.2, allowing remote code execution or denial of service via crafted HTTP requests. It includes shellcode for a port-binding shell and demonstrates three distinct overflow methods.

Classification
Working Poc 95%
Attack Type
Rce | Dos
Complexity
Moderate
Reliability
Reliable
Target: Mobius DocumentDirect for the Internet 1.2
No auth needed
Prerequisites: Network access to the target service · Target running Mobius DocumentDirect for the Internet 1.2
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/5212
Exploit, Patch, Vendor Advisory vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/1657
Various Sources vendor-advisory x_refsource_atstake
http://www.atstake.com/research/advisories/2000/a090800-1.txt

Scores

EPSS 0.0617
EPSS Percentile 92.6%

Details

Status published
Products (1)
mobius/documentdirect_for_the_internet 1.2
Published Nov 14, 2000
Tracked Since Feb 18, 2026