Lucene search

[email protected]CVE-2004-1305

HistoryDec 23, 2004 - 5:00 a.m.

CVE-2004-1305

2004-12-2305:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2004-1305

windows

denial of service

ani

vulnerability

nvd

resource exhaustion

kernel crash

6.8 Medium

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.153 Low

EPSS

Percentile

95.8%

JSON

The Windows Animated Cursor (ANI) capability in Windows NT, Windows 2000 through SP4, Windows XP through SP1, and Windows 2003 allow remote attackers to cause a denial of service via (1) the frame number set to zero, which causes an invalid memory address to be used and leads to a kernel crash, or (2) the rate number set to zero, which leads to resource exhaustion and hang.

CPENameOperatorVersion
microsoft:windows_ntmicrosoft windows nteq4.0
microsoft:windows_xpmicrosoft windows xpeq*
microsoft:windows_2003_servermicrosoft windows 2003 servereqweb
microsoft:windows_2003_servermicrosoft windows 2003 servereqenterprise
nortel:symposium_tapi_service_providernortel symposium tapi service providereq*
nortel:symposium_express_call_centernortel symposium express call centereq*
microsoft:windows_2003_servermicrosoft windows 2003 servereqenterprise_64-bit
nortel:media_processing_servernortel media processing servereq*
microsoft:windows_2000microsoft windows 2000eq*
nortel:symposium_network_control_centernortel symposium network control centereq*

CPE	Name	Operator	Version
microsoft:windows_nt	microsoft windows nt	eq	4.0
microsoft:windows_xp	microsoft windows xp	eq	*
microsoft:windows_2003_server	microsoft windows 2003 server	eq	web
microsoft:windows_2003_server	microsoft windows 2003 server	eq	enterprise
nortel:symposium_tapi_service_provider	nortel symposium tapi service provider	eq	*
nortel:symposium_express_call_center	nortel symposium express call center	eq	*
microsoft:windows_2003_server	microsoft windows 2003 server	eq	enterprise_64-bit
nortel:media_processing_server	nortel media processing server	eq	*
microsoft:windows_2000	microsoft windows 2000	eq	*
nortel:symposium_network_control_center	nortel symposium network control center	eq	*

Rows per page:

1-10 of 231

References

marc.info/?l=bugtraq&m=110382854111833&w=2

www.kb.cert.org/vuls/id/177584

www.kb.cert.org/vuls/id/697136

www.us-cert.gov/cas/techalerts/TA05-012A.html

www.xfocus.net/flashsky/icoExp/

docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-002

exchange.xforce.ibmcloud.com/vulnerabilities/18667

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1304

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2580

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3216

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3957

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A712

6.8 Medium

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.153 Low

EPSS

Percentile

95.8%

JSON

Related for CVE-2004-1305

cert2 cvelist1 securityvulns2 nessus1