Vulnerabilities > CVE-2004-1595 - Remote Buffer Overflow vulnerability in Shixxnote 6.Net

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
shixxnote
exploit available
metasploit
NVD
Published: 2004-10-13
Updated: 2017-07-11

Summary

Buffer overflow in ShixxNote 6.net build 117 allows remote attackers to execute arbitrary code via a long font field.

Vulnerable Configurations

Part Description Count
Application
Shixxnote
1

Exploit-Db

  • descriptionShixxNOTE 6.net Font Field Overflow. CVE-2004-1595. Remote exploit for windows platform
    idEDB-ID:16454
    last seen2016-02-01
    modified2010-06-15
    published2010-06-15
    reportermetasploit
    sourcehttps://www.exploit-db.com/download/16454/
    titleShixxNOTE 6.net Font Field Overflow
  • descriptionShixxNote 6.net Remote Buffer Overflow Exploit. CVE-2004-1595. Remote exploit for windows platform
    idEDB-ID:590
    last seen2016-01-31
    modified2004-10-22
    published2004-10-22
    reporterclass101
    sourcehttps://www.exploit-db.com/download/590/
    titleShixxNote 6.net Remote Buffer Overflow Exploit

Metasploit

descriptionThis module exploits a buffer overflow in ShixxNOTE 6.net. The vulnerability is caused due to boundary errors in the handling of font fields.
idMSF:EXPLOIT/WINDOWS/MISC/SHIXXNOTE_FONT
last seen2020-05-22
modified2017-07-24
published2006-09-13
referenceshttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1595
reporterRapid7
sourcehttps://github.com/rapid7/metasploit-framework/blob/master//modules/exploits/windows/misc/shixxnote_font.rb
titleShixxNOTE 6.net Font Field Overflow

Packetstorm

data sourcehttps://packetstormsecurity.com/files/download/82945/shixxnote_font.rb.txt
idPACKETSTORM:82945
last seen2016-12-05
published2009-11-26
reporterMC
sourcehttps://packetstormsecurity.com/files/82945/ShixxNOTE-6.net-Font-Field-Overflow.html
titleShixxNOTE 6.net Font Field Overflow

Statements

contributorOzren Sirola
lastmodified2007-11-16
organizationShixxNOTE
statementUpgrade to the latest version of ShixxNOTE 6.net (released December 2006), available from the ShixxNOTE 6.net Web site. http://www.shixxnote.com

References