CVE-2001-1560

Windows 2000 and XP - Denial of Service via ShowWindow Function Call

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2001-1560. PoCs published by PeterB.

AI-analyzed exploit summary This exploit triggers a Kernel Mode Exception in the Windows GDI by creating a window with specific parameters, leading to a system crash (blue screen). The PoC demonstrates the vulnerability by manipulating window creation and desktop settings.

Description

Win32k.sys (aka Graphics Device Interface (GDI)) in Windows 2000 and XP allows local users to cause a denial of service (system crash) by calling the ShowWindow function after receiving a WM_NCCREATE message.

Exploits (1)

exploitdb WORKING POC VERIFIED
by PeterB · textdoswindows
https://www.exploit-db.com/exploits/21131

This exploit triggers a Kernel Mode Exception in the Windows GDI by creating a window with specific parameters, leading to a system crash (blue screen). The PoC demonstrates the vulnerability by manipulating window creation and desktop settings.

Classification
Working Poc 90%
Attack Type
Dos
Complexity
Moderate
Reliability
Reliable
Target: Microsoft Windows GDI (versions affected by CVE-2001-1560)
No auth needed
Prerequisites: Access to a vulnerable Windows system
mistral-large-3 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3
Core References
Third Party Advisory vdb-entry x_refsource_xf
http://www.iss.net/security_center/static/7409.php
Exploit mailing-list x_refsource_ntbugtraq
http://www.derkeiler.com/Mailing-Lists/NT-Bugtraq/2001-10/0066.html
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/3481

Scores

EPSS 0.0495
EPSS Percentile 91.1%

Details

Status published
Products (2)
microsoft/windows_2000 (3 CPE variants)
microsoft/windows_xp (2 CPE variants)
Published Dec 31, 2001
Tracked Since Feb 18, 2026