CVE-2005-0416

Sažetak

The Windows Animated Cursor (ANI) capability in Windows NT, Windows 2000 through SP4, Windows XP through SP1, and Windows 2003 allows remote attackers to execute arbitrary code via the AnimationHeaderBlock length field, which leads to a stack-based buffer overflow.

Reference

http://eeye.com/html/research/advisories/AD20050111.html
http://marc.info/?l=bugtraq&m=110547079218397&w=2
http://marc.info/?l=bugtraq&m=110556975827760&w=2
http://www.securityfocus.com/bid/12233
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-002
https://exchange.xforce.ibmcloud.com/vulnerabilities/18879

CVSS

Base:	7.5
Impact:	6.4
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:N/AC:L/Au:N/C:P/I:P/A:P

Zadnje važnije ažuriranje

30-04-2019 - 14:27

Objavljeno

27-04-2005 - 04:00