Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

Exploit DB
Exploit DBadded 2007/01/13 12:0 a.m.34 views

Microsoft Windows Explorer - '.WMF' CreateBrushIndirect Denial of Service

!/usr/bin/perl print "\nWMF PoC denial of service exploit by cyanid-E "; print "\n\ngenerating brush.wmf..."; openWMF, "./brush.wmf" or die "cannot create wmf file\n"; print WMF "\x01\x00\x09\x00\x00\x03\x22\x00\x00\x00\x63\x79\x61\x6E\x69\x64"; print WMF...

7.4AI score
Exploits0
0day.today
0day.todayadded 2007/01/13 12:0 a.m.14 views

MS Windows Explorer (WMF) CreateBrushIndirect DoS Exploit

Exploit for unknown platform in category dos / poc ========================================================= MS Windows Explorer WMF CreateBrushIndirect DoS Exploit ========================================================= !/usr/bin/perl print "\nWMF PoC denial of service exploit by cyanid-E ";...

7AI score
Exploits0
exploitpack
exploitpackadded 2007/01/13 12:0 a.m.11 views

Microsoft Windows Explorer - .WMF CreateBrushIndirect Denial of Service

Microsoft Windows Explorer - .WMF CreateBrushIndirect Denial of Service !/usr/bin/perl print "\nWMF PoC denial of service exploit by cyanid-E "; print "\n\ngenerating brush.wmf..."; openWMF, "./brush.wmf" or die "cannot create wmf file\n"; print WMF...

0.3AI score
Exploits0
securityvulns
securityvulnsadded 2007/01/11 12:0 a.m.33 views

WMF CreateBrushIndirect vulnerability (DoS)

The following WMF exploit appeared on milw0rm today: http://www.milw0rm.com/exploits/3111 The vulnerability is a result of the WMF parser passing a value from the file as a pointer argument to the CreateBrushIndirect function. The function dereferences the pointer and dies with an access violatio...

0.4AI score
Exploits0
securityvulns
securityvulnsadded 2007/01/11 12:0 a.m.35 views

Microsoft Windows WMF invalid pointer dereference

Invalid pointer dereference in GDI on CreateBrushIndirect function...

2.9AI score
Exploits0References1
NVD
NVDadded 2006/08/10 1:4 a.m.12 views

CVE-2006-4071

Sign extension vulnerability in the createBrushIndirect function in the GDI library gdi32.dll in Microsoft Windows XP, Server 2003, and possibly other versions, allows user-assisted attackers to cause a denial of service application crash via a crafted WMF file...

2.6CVSS6.4AI score0.30974EPSS
Exploits1References13
Cvelist
Cvelistadded 2006/08/10 1:0 a.m.18 views

CVE-2006-4071

Sign extension vulnerability in the createBrushIndirect function in the GDI library gdi32.dll in Microsoft Windows XP, Server 2003, and possibly other versions, allows user-assisted attackers to cause a denial of service application crash via a crafted WMF file...

6.4AI score0.30974EPSS
Exploits1References13
securityvulns
securityvulnsadded 2006/08/07 12:0 a.m.32 views

[Full-disclosure] 0-day XP SP2 wmf exploit (some details)

There is some details for wannabees : 1. 'Bad' wmf record: 07 00 00 00 length of record in words FC 02 type CreateBrushIndirect 08 00 00 00 00 00 00 80 'packed' good old Win16 days LOGBRUSH data: 08 00 - 'packed' lpStyle may be BSDIBPATTERNPT 6 or BSDIBPATTERN8X8 8 00 00 00 00 - COLORREF any 00 8...

0.2AI score
Exploits0
Rows per page
Query Builder