Lucene search

K
saintSAINT CorporationSAINT:81AE5C6773ECC386E9943517378A638F
HistoryApr 27, 2006 - 12:00 a.m.

Windows Cursor and Icon handling vulnerability

2006-04-2700:00:00
SAINT Corporation
download.saintcorporation.com
20

CVSS2

5.1

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

AI Score

6.6

Confidence

Low

EPSS

0.967

Percentile

99.7%

Added: 04/27/2006
CVE: CVE-2004-1049
BID: 12233
OSVDB: 12842

Background

The LoadImage API in Microsoft Windows provides functions for loading cursors, animated cursors, and icons.

Problem

An integer overflow in the LoadImage API allows command execution when a user opens a specially crafted cursor or icon file.

Resolution

Apply the patch referenced in Microsoft Security Bulletin 05-002.

References

http://www.kb.cert.org/vuls/id/625856

Limitations

This exploit requires a user to load the exploit into a browser. Due to the nature of the vulnerability, success of the exploit depends upon the system state.

Platforms

Windows

CVSS2

5.1

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

AI Score

6.6

Confidence

Low

EPSS

0.967

Percentile

99.7%