When the win32k.NtGdiScaleViewportExtEx function uses to divide one crafted parameter sent from user, the final result is a "divide error exception" that produces a BSoD.
A double free condition in win32k.sys can be triggered by first linking and then destroying a set of Cursor Objects. This allows unprivileged local user to cause null dereference in kernel mode, which produces a BSoD.
The vulnerability is caused due to a WSD message with a long header value, this can lead to memory corruption within the process hosting WSDApi.dll. This can cause the service or application to crash. To be clear, the vulnerability is in the Windows module used to interact with devices that support Web Services on Devices, and does not affect the devices themselves.
When a crafted TTF file is processed by Windows kernel it produces a stack exhaustion finishing it in a BSoD.
This module causes a DoS in win32k.sys when attempts are made to render a malformed embedded font. This module runs a web server waiting for vulnerable clients (Internet Explorer) to connect to it.
This module causes a BSOD in Microsoft Windows when parsing a specially crafted .TTF font file.
A stack-based buffer overflow in the ProcessDataReceivedOnSocket function in the Microsoft Telnet Server Helper (tlntsess.exe) can be used by remote unauthenticated attackers to render the Telnet server unresponsive. This module will crash the tlntsess.exe Helper process, which is in charge of handling a client connection. The tlntsvr.exe process, which is the service listening for incoming connections on port 23, will not notice that a client slot was freed due to the crash, so by triggering this vulnerability multiple times it's possible to consume all the available client slots (2 by default), making the Telnet service to refuse further incoming connections.
This module exploits a vulnerability in "tcpip.sys" by sending a large number of TCP packets with the Time Stamp option enabled. When a TCP packet is sent with a Time Stamp number smaller than the previous, the packet is added in a list an it's never removed. After sending many packets, the 139 TCP port is disabled to receive new connections.
This module exploits a vulnerability in the Linux kernel by sending a lot of "ICMPv6 Router Advertisement" messages to the target finalizing it in a Stop Responding target behavior.
This module exploits a vulnerability in the Windows kernel "tcpip.sys" driver by sending a lot of "ICMPv6 Router Advertisement" messages to the target finalizing it in a Stop Responding target behavior.