Vulnerabilities > CVE-2005-0416 - Buffer Overflow vulnerability in Microsoft Windows User32.DLL ANI File Header Handling Stack-Based
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
The Windows Animated Cursor (ANI) capability in Windows NT, Windows 2000 through SP4, Windows XP through SP1, and Windows 2003 allows remote attackers to execute arbitrary code via the AnimationHeaderBlock length field, which leads to a stack-based buffer overflow.
Vulnerable Configurations
Exploit-Db
description MS Internet Explorer .ANI files handling Downloader Exploit (MS05-002). CVE-2005-0416. Remote exploit for windows platform id EDB-ID:771 last seen 2016-01-31 modified 2005-01-24 published 2005-01-24 reporter Vertygo source https://www.exploit-db.com/download/771/ title Microsoft Internet Explorer .ANI files handling Downloader Exploit MS05-002 description MS Internet Explorer .ANI files handling Universal Exploit (MS05-002). CVE-2005-0416. Remote exploit for windows platform id EDB-ID:765 last seen 2016-01-31 modified 2005-01-22 published 2005-01-22 reporter houseofdabus source https://www.exploit-db.com/download/765/ title Microsoft Internet Explorer .ANI files handling Universal Exploit MS05-002
Nessus
NASL family | Windows : Microsoft Bulletins |
NASL id | SMB_NT_MS05-002.NASL |
description | The remote host contains a version of the Windows kernel that is affected by a security flaw in the way that cursors and icons are handled. An attacker may be able to execute arbitrary code on the remote host by constructing a malicious web page and entice a victim to visit this web page. An attacker may send a malicious email to the victim to exploit this flaw too. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 16124 |
published | 2005-01-11 |
reporter | This script is Copyright (C) 2005-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/16124 |
title | MS05-002: Cursor and Icon Format Handling Code Execution (891711) |
code |
|
Saint
bid | 12233 |
description | Windows Cursor and Icon handling vulnerability |
id | win_patch_cursor |
osvdb | 12842 |
title | windows_cursor_icon |
type | client |
References
- http://eeye.com/html/research/advisories/AD20050111.html
- http://marc.info/?l=bugtraq&m=110547079218397&w=2
- http://marc.info/?l=bugtraq&m=110556975827760&w=2
- http://www.securityfocus.com/bid/12233
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-002
- https://exchange.xforce.ibmcloud.com/vulnerabilities/18879