Exploit for Heap-based Buffer Overflow in Microsoft

CVE-2026-41096 - Crash PoC Heap overflow in DnsRawTruncateMe...

Microsoft Windows DNSAPI.dll LLMNR Buffer Underrun Denial of Service

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Microsoft Windows DNSAPI.dll LLMNR Buffer Underrun DoS', 'Description' = %q This module exploits a buffer underrun vulnerability in Microsoft's...

Denial of service

A denial of service vulnerability exists in Windows Domain Name System DNS DNSAPI.dll when it fails to properly handle DNS responses, aka "Windows DNSAPI Denial of Service Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012,...

CVE-2018-8304

CVE-2018-8304 is a Windows DNSAPI.dll denial-of-service vulnerability arising from improper handling of DNS responses. Affected: Windows 7, Server 2008/2012/2012 R2, Server 2008 R2, 2016; Windows 8.1/10/10 Servers; DNSAPI denial of service could impact availability. Connected documents confirm th...

Windows DNSAPI Denial of Service Vulnerability

A denial of service vulnerability exists in Windows Domain Name System DNS DNSAPI.dll when it fails to properly handle DNS responses. An attacker who successfully exploited the vulnerability could cause a system to stop responding. Note that the denial of service condition would not allow an...

KLA11285 Multiple vulnerabilities in Microsoft Windows

Multiple serious vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to obtain sensitive information, bypass security restrictions, cause denial of service. Below is a complete list of vulnerabilities: 1. Multiple vulnerabilities in Windows kernel ca...

Design/Logic Flaw

Yandex Browser installer for Desktop before 17.4.1 has a DLL Hijacking Vulnerability because an untrusted search path is used for dnsapi.dll, winmm.dll, ntmarta.dll, cryptbase.dll or profapi.dll...

CVE-2017-7327

Yandex Browser installer for Desktop before 17.4.1 has a DLL Hijacking Vulnerability because an untrusted search path is used for dnsapi.dll, winmm.dll, ntmarta.dll, cryptbase.dll or profapi.dll...

CVE-2017-7327

Vulnerability summary (CVE-2017-7327) : Yandex Browser installer for Desktop prior to 17.4.1 is affected by a DLL hijacking issue caused by untrusted search paths for dnsapi.dll, winmm.dll, ntmarta.dll, cryptbase.dll, or profapi.dll. The issue can allow loading of arbitrary DLLs and crashing the ...

Remote code execution

The Microsoft Windows Domain Name System DNS DNSAPI.dll on Microsoft Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows a remote code execution vulnerability when it fails to properly handle DNS responses, aka "Windows DNSAPI...

CVE-2017-11779

The Microsoft Windows Domain Name System DNS DNSAPI.dll on Microsoft Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows a remote code execution vulnerability when it fails to properly handle DNS responses, aka "Windows DNSAPI...

CVE-2017-11779

CVE-2017-11779 concerns a vulnerability in the Windows DNSAPI.dll within the DNSAPI component of Microsoft Windows. A heap-based buffer overflow in the handling/validation of NSEC3 records (triggered by malicious DNS responses) could allow a remote attacker to execute arbitrary code in the contex...

CVE-2017-11779

The Microsoft Windows Domain Name System DNS DNSAPI.dll on Microsoft Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows a remote code execution vulnerability when it fails to properly handle DNS responses, aka "Windows DNSAPI...

Bittorrent 7.10.0 (Build 43581) Installer DLL Hijacking

Exploit Title: Bittorrent 7.10.0 Build 43581 Installer DLL Search Order Hijack - "WININET.dll", "DNSAPI.dll", others Date of Discovery: July 21 2017 Exploit Author: Rithwik Jayasimha Author Homepage/Contact: https://thel3l.me Vendor Name: Bittorrent Inc. Vendor Homepage: https://www.bittorrent.co...

Microsoft Windows DNSAPI.dll LLMNR Buffer Underrun DoS

This module exploits a buffer underrun vulnerability in Microsoft's DNSAPI.dll as distributed with Windows Vista and later without KB2509553. By sending a specially crafted LLMNR query, containing a leading '.' character, an attacker can trigger stack exhaustion or potentially cause stack memory...

CVE-2011-0657

CVE-2011-0657 affects the DNSAPI.dll DNS client in multiple Windows platforms (XP SP2/SP3, Server 2003 SP2, Vista SP1/SP2, Server 2008 Gold/SP2/R2, Windows 7 SP1). Root cause: improper processing of DNS queries by the DNS client, enabling remote attackers to run arbitrary code via (1) a crafted L...

CVE-2011-0657

DNSAPI.dll in the DNS client in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly process DNS queries, which allows remote attackers to execute arbitrary code via 1 a...

Microsoft DNS Resolution LLMNR Query Remote Code Execution (MS11-030; CVE-2011-0657)

Link-local Multicast Name Resolution LLMNR is a new protocol that provides an additional method to resolve the names of neighboring computers. It is especially useful for networks that do not have a DNS server. LLMNR uses a simple exchange of request and reply messages to resolve computer names t...

μTorrent (uTorrent) 2.0.3 - DLL Hijacking

Title: uTorrent =2.0.3 Dll Hijacking Local Exploits By: DrIDE Tested: Windows 7RC Note: These are additional DLL's with unsafe Load Paths Reference: http://www.exploit-db.com/exploits/14726/ If the payload .DLL file is renamed to any of these files and placed in the utorrent.exe directory, the...