CVE-2007-1765
CVE-2007-1765
9.3
CriticalPublished:
Last updated:
Source:cve@mitre.org
Modified
CVSS Vector
v2.0- Attack Vector
- Network
- Attack Complexity
- Medium
- Authentication
- None
- Confidentiality
- Complete
- Integrity
- Complete
- Availability
- Complete
Description
Unspecified vulnerability in Microsoft Windows 2000 SP4 through Vista allows remote attackers to execute arbitrary code or cause a denial of service (persistent reboot) via a malformed ANI file, which results in memory corruption when processing cursors, animated cursors, and icons, a similar issue to CVE-2005-0416, as originally demonstrated using Internet Explorer 6 and 7. NOTE: this issue might be a duplicate of CVE-2007-0038; if so, then use CVE-2007-0038 instead of this identifier.
Exploits
36342007-04-01remoteWindows
Microsoft Windows XP/Vista - Animated Cursor '.ani' Remote Overflow
By jamikazu
36352007-04-01remoteWindows
Microsoft Windows XP - Animated Cursor '.ani' Remote Overflow (2)
By Trirat Puttaraksa
36362007-04-01remoteWindows
Microsoft Windows - Animated Cursor '.ani' Remote (eeye patch Bypass)
By jamikazu
36172007-03-31localWindows
Microsoft Windows - Animated Cursor '.ani' Local Stack Overflow
By devcode
36522007-04-03localWindows
Microsoft Windows - Animated Cursor '.ani' Local Overflow (Hardware DEP)
By devcode
166982010-09-20remoteWindows
Microsoft Windows - ANI LoadAniIcon() Chunk Size Stack Buffer Overflow (SMTP) (MS07-017) (Metasploit)
By Metasploit
36472007-04-02localWindows
Microsoft Windows - Animated Cursor '.ani' Local Buffer Overflow
By Marsu
36512007-04-03remoteWindows
Microsoft Windows - Animated Cursor '.ani' Universal Generator
By YAG KOHHA
36842007-04-08dosWindows
Microsoft Windows Explorer - '.ANI' File Denial of Service
By Marsu
36952007-04-09localWindows
Microsoft Windows - Animated Cursor '.ani' Local Overflow
By Breno Silva Pinto
References
cve@mitre.org
http://vil.nai.com/vil/content/v_141860.htmcve@mitre.org
http://www.avertlabs.com/research/blog/?p=230cve@mitre.org
http://www.avertlabs.com/research/blog/?p=233cve@mitre.org
http://www.securityfocus.com/bid/23194cve@mitre.org
http://www.securitytracker.com/id?1017827cve@mitre.org
http://www.vupen.com/english/advisories/2007/1151af854a3a-2127-422b-91ae-364da2661108
http://asert.arbornetworks.com/2007/03/any-ani-file-could-infect-you/af854a3a-2127-422b-91ae-364da2661108
http://research.eeye.com/html/alerts/zeroday/20070328.htmlaf854a3a-2127-422b-91ae-364da2661108
http://vil.nai.com/vil/content/v_141860.htmaf854a3a-2127-422b-91ae-364da2661108
http://www.avertlabs.com/research/blog/?p=230af854a3a-2127-422b-91ae-364da2661108
http://www.avertlabs.com/research/blog/?p=233af854a3a-2127-422b-91ae-364da2661108
http://www.microsoft.com/technet/security/advisory/935423.mspxaf854a3a-2127-422b-91ae-364da2661108
http://www.securityfocus.com/archive/1/464287/100/0/threadedaf854a3a-2127-422b-91ae-364da2661108
http://www.securityfocus.com/archive/1/464345/100/0/threadedaf854a3a-2127-422b-91ae-364da2661108
http://www.securityfocus.com/bid/23194af854a3a-2127-422b-91ae-364da2661108
http://www.securitytracker.com/id?1017827af854a3a-2127-422b-91ae-364da2661108
http://www.vupen.com/english/advisories/2007/1151