Denial of Service/Local

Oracle VirtualBox crUnpackTexGendv Buffer Overflow DoS

The specific flaw exists within the crUnpackTexGendv method. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length buffer. An attacker can leverage this vulnerability to crash the VirtualBox process used for open the target.

Microsoft Windows Win32k Cursor Object Double Free Vulnerability DoS (MS15-010)

This module exploits a double free vulnerability in win32k.sys, allowing an unprivileged local user to cause a BSOD.

Microsoft Windows MSMQ Null Pointer DoS (MS09-040)

This module exploits a vulnerability in Microsoft Message Queue Service driver (MQAC.SYS). The IOCTL handler in the MQAC.SYS device driver allows local users to overwrite memory via malformed Interrupt Request Packet (Irp) parameters.

Microsoft Windows CSRSS Local EOP SrvSetConsoleNumberOfCommand Vulnerability DoS (MS11-056)

This module exploits a vulnerability on Microsoft Windows "CSRSS.EXE" process and causes a BSoD. WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation.

Microsoft Windows Win32k Divided Error Exception DoS (MS13-046) Update

This module exploits a Windows kernel vulnerability calling to "NtGdiScaleViewportExtEx" function by using crafted parameters. This update adds support for all 32 bit Windows versions.

Microsoft Windows Win32k IsHandleEntrySecure Null Pointer Dereference DoS

This module exploits a vulnerability in win32k.sys calling win32k!IsHandleEntrySecure function with crafted parameters.

Microsoft Windows Win32k Integer Overflow DoS (MS13-101) Update

This module exploits a vulnerability in win32k.sys by calling to "NtGdiGetTextExtent" function with crafted parameters. This update adds support to Windows 2003 (32 and 64 bits), Windows Vista (32 and 64 bits), Windows 2008 (32 and 64 bits), Windows 7 64 bits, Windows 2008 R2, Windows 8 ( 32 and 64 bits) and Windows 2012.

Microsoft Windows Win32k Integer Overflow DoS (MS13-101)

This module exploits a vulnerability in win32k.sys by calling to "NtGdiGetTextExtent" function with crafted parameters. WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation.

Microsoft Windows Win32k OTF Validation DoS (MS11-041)

This module causes a BSOD in Microsoft Windows when parsing a specially crafted OpenType font file. This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation.

Microsoft Windows Hyper-V VMBus Non Responsiveness Vulnerability DoS (MS11-047)

This module exploits a vulnerability on Microsoft Hyper-V sending a crafted packet from the "guest OS" to the "host OS" through the vmbus mechanism producing a non responsiveness effect in the all virtual machines running at the time.