CVE-2008-5044

Windows Server 2003 and Vista - Denial of Service via UnhookWindowsHookEx Race Condition

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2008-5044. PoCs published by killprog.org.

AI-analyzed exploit summary The provided text is a vulnerability description for CVE-2008-5044, a local denial-of-service vulnerability affecting Microsoft Windows 2003 and Vista. It lacks actual exploit code, instead referencing an external source for the binary exploit.

Description

Race condition in Microsoft Windows Server 2003 and Vista allows local users to cause a denial of service (crash or hang) via a multi-threaded application that makes many calls to UnhookWindowsHookEx while certain other desktop activity is occurring.

Exploits (1)

exploitdb WRITEUP VERIFIED
by killprog.org · textdoswindows
https://www.exploit-db.com/exploits/32573

The provided text is a vulnerability description for CVE-2008-5044, a local denial-of-service vulnerability affecting Microsoft Windows 2003 and Vista. It lacks actual exploit code, instead referencing an external source for the binary exploit.

Classification
Writeup 90%
Attack Type
Dos
Complexity
Trivial
Reliability
Theoretical
Target: Microsoft Windows 2003, Windows Vista
No auth needed
Prerequisites: Local access to the target system
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (5)

Core 5
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/46506
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/32206
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/498165/100/0/threaded
Third Party Advisory third-party-advisory x_refsource_sreason
http://securityreason.com/securityalert/4576
Exploit x_refsource_misc
http://killprog.com/whk.zip

Scores

EPSS 0.0088
EPSS Percentile 75.6%

Details

CWE
CWE-362
Status published
Products (2)
microsoft/windows_server_2003
microsoft/windows_vista
Published Nov 12, 2008
Tracked Since Feb 18, 2026