This module exploits an improperly memory free by sending a specially crafted RPC packet to cause a DoS condition on the target machine.
This module exploits a stack buffer overflow in the Microsoft Windows Plug and Play service and crashes services.exe.
This module exploits an incorrect check in the MIDL_user_allocate function of MSDTCPRXY.DLL to crash the MSDTC service.
This module exploits a vulnerability on "wins.exe" sending a DNS request packet followed by a RESET connection. When the WINS service tries to answer this request, the "send" function fails and an exception is produced triggering the bug. At the end, the WINS port ( port 42 ) is verified to know if the service is listening or it was broken.
This module causes a BSOD in Microsoft Windows when parsing a specially crafted OpenType font file. Only x64 systems are affected by this vulnerability.
This module exploits a vulnerability on win32k.sys sending a crafted message from user to kernel.
When the "RFONTOBJ::bTextExtent" function located in win32k.sys ( Windows kernel ) uses to divide one crafted parameter sent from user, the final result is a "divide error exception" that produces a BSoD.
The function win32k!IsHandleEntrySecure() doesn't properly check if 'pW32Job' field of 'tagPROCESSINFO' structure for current process contains non-zero value. This allows unprivileged local user to cause null dereference in kernel mode, which produces a BSoD.
This module exploits a vulnerability in win32k.sys when a crafted OTF file is open by Internet Explorer. This module runs a web server waiting for vulnerable clients (Internet Explorer) to connect to it.
When a crafted TTF file is processed by Windows kernel it produces a integer overflow finishing it in a BSoD.