CVE-2004-1595

ShixxNote 6.net build 117 - Buffer Overflow via Long Font Field

Title source: llm

Exploitation Summary

EIP tracks 3 public exploits for CVE-2004-1595. PoCs published by Metasploit, class101, including Metasploit module exploits/windows/misc/shixxnote_font.

AI-analyzed exploit summary This exploit targets a buffer overflow in ShixxNOTE 6.net via a malformed font field, leveraging SEH overwrites to achieve remote code execution. The payload is delivered over TCP to port 2000.

Description

Buffer overflow in ShixxNote 6.net build 117 allows remote attackers to execute arbitrary code via a long font field.

Exploits (3)

exploitdb WORKING POC VERIFIED

by Metasploit · rubyremotewindows

https://www.exploit-db.com/exploits/16454

View Code ZIP pw:eip

This exploit targets a buffer overflow in ShixxNOTE 6.net via a malformed font field, leveraging SEH overwrites to achieve remote code execution. The payload is delivered over TCP to port 2000.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: ShixxNOTE 6.net

No auth needed

Prerequisites: Network access to target on port 2000 · ShixxNOTE 6.net running on target

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation T1190 - Exploit Public-Facing Application

devstral-2 · analyzed Feb 16, 2026 Full analysis →

exploitdb WORKING POC VERIFIED

by class101 · cremotewindows

https://www.exploit-db.com/exploits/590

View Code ZIP pw:eip

This exploit targets a buffer overflow vulnerability in ShixxNote 6.net, specifically affecting Windows 2000 systems. It uses a JMP EBX technique from comdlg32.dll to execute a bind shell on port 101.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: ShixxNote 6.net

No auth needed

Prerequisites: Windows 2000 target system · Network access to the target

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation T1190 - Exploit Public-Facing Application

devstral-2 · analyzed Feb 16, 2026 Full analysis →

metasploit WORKING POC GREAT

rubypocwin

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/misc/shixxnote_font.rb

View Code ZIP pw:eip

This Metasploit module exploits a buffer overflow in ShixxNOTE 6.net by sending a maliciously crafted payload to TCP port 2000, leveraging a SEH overwrite to achieve remote code execution.

Classification

Working Poc 100%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: ShixxNOTE 6.net

No auth needed

Prerequisites: Network access to target on TCP port 2000

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 19, 2026 Full analysis →

References (4)

Core 4

Core References

Exploit, Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/12822/

Exploit, Vendor Advisory vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/11409

Mailing List mailing-list x_refsource_bugtraq

http://marc.info/?l=bugtraq&m=109778648232233&w=2

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/17705

Scores

EPSS 0.5932

EPSS Percentile 99.0%

Details

Status published

Products (1)

shixxnote/shixxnote 6.net

Published Oct 13, 2004

Tracked Since Feb 18, 2026