8 matches found
Microsoft Windows RIFF Buffer Overflow - Ver2 (CVE-2007-0038)
A buffer overflow vulnerability has been reported in Microsoft Windows Xp, Microsoft Windows 2000, Microsoft Windows Vista and Microsoft Windows 2003 Server. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
CVE-2007-0038
creationtimestamp| type| source ---|---|--- 2010-08-12 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/16526 2010-09-20 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/16698 2018-05-29 15:50:33+00:00| seen|...
Windows ANI LoadAniIcon() Chunk Size Stack Buffer Overflow (SMTP)
This module exploits a buffer overflow vulnerability in the LoadAniIcon function of USER32.dll. The flaw is triggered through Outlook Express by using the CURSOR style sheet directive to load a malicious .ANI file. This vulnerability was discovered by Alexander Sotirov of Determina and was...
Microsoft Security Bulletin MS07-017 Vulnerabilities in GDI Could Allow Remote Code Execution (925902)
Microsoft Security Bulletin MS07-017 Vulnerabilities in GDI Could Allow Remote Code Execution 925902 Published: April 3, 2007 Version: 1.0 Summary Who Should Read this Document: Customers who use Microsoft Windows Impact of Vulnerability: Remote Code Execution Maximum Severity Rating: Critical...
Immunity Canvas: ANI_CURSOR
Name| anicursor ---|--- CVE| CVE-2007-0038 Exploit Pack| CANVAS Description| Windows Animated Cursor Overflow MS07-017 Notes| References: http://www.determina.com/security.research/vulnerabilities/ani-header.html CVE Name: CVE-2007-0038 VENDOR: Microsoft MSADV: MS07-017 VersionsAffected:...
Stack overflow
Stack-based buffer overflow in the animated cursor code in Microsoft Windows 2000 SP4 through Vista allows remote attackers to execute arbitrary code or cause a denial of service persistent reboot via a large length value in the second or later anih block of a RIFF .ANI, cur, or .ico file, which...
CVE-2007-0038
CVE-2007-0038 is a stack-based buffer overflow in Windows’ animated cursor handling (LoadAniIcon) affecting Windows 2000 SP4 through Vista, triggered by malformed RIFF ANI/cur/ico files and causing memory corruption in cursor/icon processing. A remote attacker could execute arbitrary code or caus...
0-day ANI vulnerability in Microsoft Windows (CVE-2007-0038)
Today Microsoft released a security advisory about a vulnerability in the Animated Cursor processing code in Windows: http://www.microsoft.com/technet/security/advisory/935423.mspx It seems like the vulnerability is already exploited in the wild:...