The Windows Animated Cursor (ANI) capability in Windows NT, Windows 2000 through SP4, Windows XP through SP1, Windows 2003 Server, Windows 95, 98, and NT4SP6a, allows remote attackers to execute arbitrary code via the AnimationHeaderBlock length field, which leads to a stack-based buffer overflow.
This problem was announced on the Bugtraq mailing list on 11 January, 2005, with examples of malicious animated cursors being published at about the same time. This exploit is particularly dangerous because a system is vulnerable when it simply accesses a malformed animated cursor, which can arrive from a variety of sources, including a style load on a website or the preview, in Outlook or Outlook Express, of an email with such a cursor embedded.
Microsoft had been warned in advance by the researchers who published this exploit, so a Microsoft patch fixing the bug was released immediately as MS05-002. Windows XP SP2 was not affected by this bug and did not require patching.
CVE-2005-0416
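
A length check of the kind a mail or web gateway could apply to cursor files before they reach a vulnerable client, given as an added example that is not part of the original advisory or of any Microsoft code. It assumes the usual RIFF/ACON container layout, that the AnimationHeaderBlock is the `anih` chunk, and that a well-formed `anih` chunk is 36 bytes; the function names and the sample files are constructed for illustration.

```python
import struct

ANIH_SIZE = 36  # assumption: size of the ANI header structure carried by "anih"

def iter_chunks(buf, start, end, depth=0):
    """Yield (fourcc, declared_len, data_offset) for RIFF chunks in buf[start:end]."""
    pos = start
    while pos + 8 <= end:
        fourcc, length = struct.unpack_from("<4sI", buf, pos)
        yield fourcc, length, pos + 8
        if fourcc == b"LIST" and length >= 4 and depth < 8:
            # LIST payload: 4-byte list type, then nested chunks (depth is capped)
            yield from iter_chunks(buf, pos + 12, min(pos + 8 + length, end), depth + 1)
        pos += 8 + length + (length & 1)  # chunk data is padded to an even size

def check_ani(buf):
    """Return findings for one file; an empty list means the lengths look sane."""
    if len(buf) < 12 or buf[:4] != b"RIFF" or buf[8:12] != b"ACON":
        return ["not a RIFF/ACON animated cursor"]
    findings, seen = [], 0
    for fourcc, length, off in iter_chunks(buf, 12, len(buf)):
        where = f"{fourcc.decode('latin-1')} chunk at offset {off - 8}"
        if off + length > len(buf):
            findings.append(f"{where} declares {length} bytes, past end of file")
        if fourcc == b"anih":
            seen += 1
            if length != ANIH_SIZE:
                findings.append(f"{where} declares {length} bytes, expected {ANIH_SIZE}")
    if not seen:
        findings.append("no anih chunk found")
    return findings

def make_chunk(fourcc, payload, declared=None):
    """Build a chunk; `declared` overrides the length field (constructed test data)."""
    length = len(payload) if declared is None else declared
    return fourcc + struct.pack("<I", length) + payload + b"\x00" * (len(payload) & 1)

def make_riff(body):
    return b"RIFF" + struct.pack("<I", len(body) + 4) + b"ACON" + body

# Constructed samples: a well-formed header, and one with an oversized length field
GOOD = make_riff(make_chunk(b"anih", struct.pack("<9I", 36, 1, 1, 0, 0, 0, 0, 10, 1)))
BAD = make_riff(make_chunk(b"anih", bytes(36), declared=0x200))

if __name__ == "__main__":
    for name, sample in (("GOOD", GOOD), ("BAD", BAD)):
        print(name, check_ani(sample) or "ok")
```

The check inspects every `anih` chunk, including ones nested inside `LIST` chunks, rather than stopping at the first, so a file with one valid header followed by a malformed one is still flagged.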