Windows Animated Cursor Header buffer overflow

2007-04-05T00:00:00
ID SAINT:DEFDB9AA215F08BD83C3C57ACA4AFF92
Type saint
Reporter SAINT Corporation
Modified 2007-04-05T00:00:00

Description

Added: 04/05/2007
CVE: CVE-2007-0038
BID: 23194
OSVDB: 33629

Background

Animated cursor (**.ani**) files contain animated graphics for icons and cursors.

Problem

A buffer overflow in Windows allows command execution when opening a specially crafted **.ani** file containing large file headers.

Resolution

Apply the update referenced in Microsoft Security Bulletin 07-017.

References

<http://www.kb.cert.org/vuls/id/191609>
<http://archives.neohapsis.com/archives/fulldisclosure/2007-03/0470.html>

Limitations

Exploit works with Internet Explorer 6 on Windows 2000 and XP and requires a user to load the page.

Platforms

Windows