The LoadImage API in Microsoft Windows provides functions for loading cursors, animated cursors, and icons.
An integer overflow in the LoadImage API allows command execution when a user opens a specially crafted cursor or icon file.
Apply the patch referenced in Microsoft Security Bulletin 05-002.
This exploit requires a user to load the exploit into a browser. Due to the nature of the vulnerability, success of the exploit depends upon the system state.