CVE-2004-1305
Attack vector | NETWORK |
Attack complexity | LOW |
Privileges required | NONE |
Confidentiality impact | NONE |
Integrity impact | NONE |
Availability impact | PARTIAL |
Summary
The Windows Animated Cursor (ANI) capability in Windows NT, Windows 2000 through SP4, Windows XP through SP1, and Windows 2003 allows remote attackers to cause a denial of service via (1) the frame number set to zero, which causes an invalid memory address to be used and leads to a kernel crash, or (2) the rate number set to zero, which leads to resource exhaustion and a hang.
Exploit-Db
description | MS Windows Kernel ANI File Parsing Crash Vulnerability. CVE-2004-1305. DoS exploit for Windows platform |
id | EDB-ID:721 |
last seen | 2016-01-31 |
modified | 2004-12-25 |
published | 2004-12-25 |
reporter | Flashsky |
source | https://www.exploit-db.com/download/721/ |
title | Microsoft Windows Kernel - ANI File Parsing Crash Vulnerability |
Nessus
NASL family | Windows : Microsoft Bulletins |
NASL id | SMB_NT_MS05-002.NASL |
description | The remote host contains a version of the Windows kernel that is affected by a security flaw in the way that cursors and icons are handled. An attacker may be able to execute arbitrary code on the remote host by constructing a malicious web page and enticing a victim to visit this web page. An attacker may also send a malicious email to the victim to exploit this flaw. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 16124 |
published | 2005-01-11 |
reporter | This script is Copyright (C) 2005-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/16124 |
title | MS05-002: Cursor and Icon Format Handling Code Execution (891711) |
Oval
accepted | 2011-05-16T04:00:50.176-04:00 |
class | vulnerability |
contributors | Christine Walzer (The MITRE Corporation); Jeff Cheng (Opsware, Inc.); Sudhir Gandhe (Telos); Shane Shaffer (G2, Inc.) |
description | The Windows Animated Cursor (ANI) capability in Windows NT, Windows 2000 through SP4, Windows XP through SP1, and Windows 2003 allows remote attackers to cause a denial of service via (1) the frame number set to zero, which causes an invalid memory address to be used and leads to a kernel crash, or (2) the rate number set to zero, which leads to resource exhaustion and a hang. |
family | windows |
id | oval:org.mitre.oval:def:1304 |
status | accepted |
submitted | 2005-01-14T12:00:00.000-04:00 |
title | Animated Cursor Denial of Service (XP) |
version | 70 |

accepted | 2007-11-13T12:01:09.407-05:00 |
class | vulnerability |
contributors | Christine Walzer (The MITRE Corporation); Jeff Cheng (Opsware, Inc.) |
description | The Windows Animated Cursor (ANI) capability in Windows NT, Windows 2000 through SP4, Windows XP through SP1, and Windows 2003 allows remote attackers to cause a denial of service via (1) the frame number set to zero, which causes an invalid memory address to be used and leads to a kernel crash, or (2) the rate number set to zero, which leads to resource exhaustion and a hang. |
family | windows |
id | oval:org.mitre.oval:def:2580 |
status | accepted |
submitted | 2005-01-14T12:00:00.000-04:00 |
title | Animated Cursor Denial of Service (Server 2003) |
version | 67 |

accepted | 2011-05-16T04:02:43.224-04:00 |
class | vulnerability |
contributors | Christine Walzer (The MITRE Corporation); Andrew Buttner (The MITRE Corporation); Jeff Cheng (Opsware, Inc.); Shane Shaffer (G2, Inc.); Sudhir Gandhe (Telos); Shane Shaffer (G2, Inc.) |
description | The Windows Animated Cursor (ANI) capability in Windows NT, Windows 2000 through SP4, Windows XP through SP1, and Windows 2003 allows remote attackers to cause a denial of service via (1) the frame number set to zero, which causes an invalid memory address to be used and leads to a kernel crash, or (2) the rate number set to zero, which leads to resource exhaustion and a hang. |
family | windows |
id | oval:org.mitre.oval:def:3216 |
status | accepted |
submitted | 2005-01-14T12:00:00.000-04:00 |
title | Animated Cursor Denial of Service (Windows 2000) |
version | 72 |

accepted | 2008-03-24T04:00:31.797-04:00 |
class | vulnerability |
contributors | Christine Walzer (The MITRE Corporation); Jeff Cheng (Opsware, Inc.); Jonathan Baker (The MITRE Corporation) |
definition_extensions | Microsoft Windows NT is installed (oval:org.mitre.oval:def:36) |
description | The Windows Animated Cursor (ANI) capability in Windows NT, Windows 2000 through SP4, Windows XP through SP1, and Windows 2003 allows remote attackers to cause a denial of service via (1) the frame number set to zero, which causes an invalid memory address to be used and leads to a kernel crash, or (2) the rate number set to zero, which leads to resource exhaustion and a hang. |
family | windows |
id | oval:org.mitre.oval:def:3957 |
status | accepted |
submitted | 2005-01-14T12:00:00.000-04:00 |
title | Animated Cursor Denial of Service (NT 4.0 Terminal Server) |
version | 73 |

accepted | 2008-03-24T04:00:50.805-04:00 |
class | vulnerability |
contributors | Christine Walzer (The MITRE Corporation); John Hoyland (Centennial Software); Jeff Cheng (Opsware, Inc.); Jonathan Baker (The MITRE Corporation); Jonathan Baker (The MITRE Corporation) |
definition_extensions | Microsoft Windows NT is installed (oval:org.mitre.oval:def:36) |
description | The Windows Animated Cursor (ANI) capability in Windows NT, Windows 2000 through SP4, Windows XP through SP1, and Windows 2003 allows remote attackers to cause a denial of service via (1) the frame number set to zero, which causes an invalid memory address to be used and leads to a kernel crash, or (2) the rate number set to zero, which leads to resource exhaustion and a hang. |
family | windows |
id | oval:org.mitre.oval:def:712 |
status | accepted |
submitted | 2005-01-14T12:00:00.000-04:00 |
title | Animated Cursor Denial of Service (NT 4.0) |
version | 74 |
References
- http://marc.info/?l=bugtraq&m=110382854111833&w=2
- http://www.kb.cert.org/vuls/id/177584
- http://www.kb.cert.org/vuls/id/697136
- http://www.us-cert.gov/cas/techalerts/TA05-012A.html
- http://www.xfocus.net/flashsky/icoExp/
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-002
- https://exchange.xforce.ibmcloud.com/vulnerabilities/18667
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1304
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2580
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3216
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3957
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A712