CVE-2009-0812

BreakPoint Software Hex Workshop <6 - Buffer Overflow

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-2009-0812. PoCs published by hack4love, DATA_SNIPER.

AI-analyzed exploit summary This exploit targets a local buffer overflow vulnerability in Hex Workshop (versions 3.x to 6.x) via a crafted .hex file. It leverages SEH overwrites and shellcode execution to achieve arbitrary code execution (e.g., launching calc.exe).

Description

Stack-based buffer overflow in BreakPoint Software Hex Workshop 4.23, 6.0.1.4603, and other 6.x and earlier versions allows remote attackers to execute arbitrary code via a crafted Intel Hex Code (.hex) file. NOTE: some of these details are obtained from third party information.

Exploits (2)

exploitdb WORKING POC VERIFIED

by hack4love · pythonlocalwindows

https://www.exploit-db.com/exploits/9550

View Code ZIP pw:eip

This exploit targets a local buffer overflow vulnerability in Hex Workshop (versions 3.x to 6.x) via a crafted .hex file. It leverages SEH overwrites and shellcode execution to achieve arbitrary code execution (e.g., launching calc.exe).

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Hex Workshop v3.11, v4.00-4.23, v5.0-5.1.4, v6.0.0-6.0.1

No auth needed

Prerequisites: Victim must open the malicious .hex file in Hex Workshop

MITRE ATT&CK

T1203 - Exploitation for Client Execution T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 16, 2026 Full analysis →

exploitdb WORKING POC VERIFIED

by DATA_SNIPER · perllocalwindows

https://www.exploit-db.com/exploits/8121

View Code ZIP pw:eip

This exploit targets a local code execution vulnerability in Hex Workshop v6 by crafting a malicious .hex file. It leverages a stack-based buffer overflow to execute arbitrary shellcode (calc.exe) when the file is imported.

Classification

Working Poc 90%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Hex Workshop v6

No auth needed

Prerequisites: Local access to the target system · Hex Workshop v6 installed

MITRE ATT&CK

T1203 - Exploitation for Client Execution T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (6)

Core 6

Core References

Exploit, Third Party Advisory exploit x_refsource_exploit-db

http://www.exploit-db.com/exploits/9550

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/48970

Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq

http://www.securityfocus.com/archive/1/501300/100/0/threaded

Exploit, Third Party Advisory exploit x_refsource_exploit-db

https://www.exploit-db.com/exploits/8121

Exploit vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/33932

Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/34021

Scores

EPSS 0.0690

EPSS Percentile 93.2%

Details

CWE

CWE-119

Status published

Products (26)

bpsoft/hex_workshop 1.0

bpsoft/hex_workshop 2.00

bpsoft/hex_workshop 2.01

bpsoft/hex_workshop 2.10

bpsoft/hex_workshop 2.20

bpsoft/hex_workshop 2.50

bpsoft/hex_workshop 2.52

bpsoft/hex_workshop 2.53

bpsoft/hex_workshop 2.54

bpsoft/hex_workshop 3.00

... and 16 more

Published Mar 04, 2009

Tracked Since Feb 18, 2026