CVE-2004-0200

Related Files

sacred_jpg.c

Posted Oct 7, 2004

Authored by Crypto

GDI+ buffer overrun exploit that builds a malicious .JPG file.

tags | exploit, overflow

advisories | CVE-2004-0200

SHA-256 | 2120feeb6515aaa49b2db0fdada31774f9ac67c30e70927ba0892e23f6f7acc3

Download | Favorite | View

JpegOfDeathAll.c

Posted Sep 29, 2004

Authored by M4Z3R

GDI+ JPEG remote exploit that is a modified version of the FoToZ exploit that has reverse connect-back functionality as well as a bind feature that will work with all NT based OSes. This even-moreso enhanced version also has the ability add a user to the administrative group and can perform a file download.

tags | exploit, remote

advisories | CVE-2004-0200

SHA-256 | 20c93c78772b0990144751c09236f2b8c235714fcc01bac6f35dc0c88f2dc37a

Download | Favorite | View

JpgDownloader.c

Posted Sep 29, 2004

Authored by ATmaCA | Site prohack.net

Microsoft Windows JPEG GDI+ Overflow Download Shellcoded exploit.

tags | exploit, overflow, shellcode

systems | windows

advisories | CVE-2004-0200

SHA-256 | ee65d8dd1061332d648503cf739eedf5b2c3f57d9cb1c8df57fffbc1fef368b6

Download | Favorite | View

JpegOfDeath.c

Posted Sep 29, 2004

Authored by John Bissell A.K.A. HighT1mes

GDI+ JPEG remote exploit that is a modified version of the FoToZ exploit that has reverse connect-back functionality as well as a bind feature that will work with all NT based OSes.

tags | exploit, remote

advisories | CVE-2004-0200

SHA-256 | d8355ee0ee39e0020db08761e80e8dc97cb432c9a970c1cd4a0d88cdb50b417c

Download | Favorite | View

ms04-028-cmd.c

Posted Sep 29, 2004

Authored by FoToZ

Microsoft Windows proof of concept JPEG GDI+ overflow shellcoded exploit that launches a local cmd.exe.

tags | exploit, overflow, local, shellcode, proof of concept

systems | windows

advisories | CVE-2004-0200

SHA-256 | 68ec3cf6594190766b5c1153c0e82bb34d0d0cf6f04eb6a95d05d317b7e06753

Download | Favorite | View

Technical Cyber Security Alert 2004-260A

Posted Sep 17, 2004

Authored by US-CERT | Site cert.org

Technical Cyber Security Alert TA04-260A - Microsoft's Graphic Device Interface Plus (GDI+) contains a vulnerability in the processing of JPEG images. This vulnerability may allow attackers to remotely execute arbitrary code on the affected system. Exploitation may occur as the result of viewing a malicious web site, reading an HTML-rendered email message, or opening a crafted JPEG image in any vulnerable application. The privileges gained by a remote attacker depend on the software component being attacked.

tags | advisory, remote, web, arbitrary

advisories | CVE-2004-0200

SHA-256 | 8c2d2c6aa130bc7ec7423475bd8f9beba3c9252e9dbe9c6644dd0867560479da

Download | Favorite | View

jpegcompoc.zip

Posted Sep 17, 2004

Site gulftech.org

Proof of concept exploit for the recent JPEG buffer overrun vulnerability that crashes any Windows XP system that has not been patched for this flaw.

tags | exploit, overflow, proof of concept

systems | windows

advisories | CVE-2004-0200

SHA-256 | 8235e8220b01d7e3b3bd9bc0d634b7d3fb3d2ba3a9e71573e8a7c873f0e759fa

Download | Favorite | View

ms04-028.html

Posted Sep 15, 2004

Authored by Nick DeBaggis | Site microsoft.com

Microsoft Security Advisory MS04-028 - A buffer overrun vulnerability exists in the processing of JPEG image formats that could allow remote code execution on an affected system. Any program that processes JPEG images on the affected systems could be vulnerable to this attack, and any system that uses the affected programs or components could be vulnerable to this attack. An attacker who successfully exploited this vulnerability could take complete control of an affected system.

tags | advisory, remote, overflow, code execution

advisories | CVE-2004-0200

SHA-256 | 5ac536b0712a3153f373e7ecc6e68d519c4b9a1e3c6e34c0655c10862ea50e15

Download | Favorite | View