Version three of this paper discussing more shatter attacks that are possible using progress bars. Related information available here.
787e917da3242f5237e198f43f899c54f8b8719ed978cf8961d1090447b3c4c9
Version two of this paper discussing more shatter attacks that are possible using SEH memory locations to escalate privileges in Windows. Exploit code included. Related information available here.
612a9a5519a9d7da1fa8a00f1bcf9fc1be3a52c2d4df149c08548435c64b009b
The Microsoft Internet Security and Acceleration, or ISA, server contains a default error page that can be used to conduct cross site scripting attacks against a legitimate user.
051076503bc72c2b87f59aeb4ad73074c982cd00eb77cfd9f35afb69941adc65
Paper discussing more shatter attacks that are possible using SEH memory locations to escalate privileges in Windows. Related information available here.
08eeaae0ef4d604d10152e302c4788b1eb3339d71fd9c5a793d9b0e5a67d44e0
Windows Media Services Remote Command Execution - There is a flaw in the way nsiislog.dll processes incoming client requests. A vulnerability exists because an attacker could send specially formed HTTP request to the server that could cause IIS to fail or execute code on the system.
8f2e5764c182b67bd6e0097fd3e00391b5ccda2203e5742a4792b474ff7bf79c