Информационная безопасность
[RU] switch to English


Проблемы с анимированными курсорами в Microsoft Windows
дополнено с 30 марта 2007 г.
Опубликовано:4 апреля 2007 г.
Источник:
SecurityVulns ID:7508
Тип:клиент
Уровень опасности:
10/10
Описание:переполнение буфера стековой памяти используется для скрытой установки вредоносного кода.
Затронутые продукты:MICROSOFT : Windows 2000 Server
 MICROSOFT : Windows 2000 Professional
 MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
 MICROSOFT : Windows Vista
CVE:CVE-2007-1867 (Buffer overflow in IrfanView 3.99 allows remote attackers to execute arbitrary code via a crafted animated cursor (ANI) file.)
 CVE-2007-1765 (Unspecified vulnerability in Microsoft Windows 2000 SP4 through Vista allows remote attackers to execute arbitrary code or cause a denial of service (persistent reboot) via a malformed ANI file, which results in memory corruption when processing cursors, animated cursors, and icons, a similar issue to CVE-2005-0416, as originally demonstrated using Internet Explorer 6 and 7. NOTE: this issue might be a duplicate of CVE-2007-0038; if so, then use CVE-2007-0038 instead of this identifier.)
 CVE-2007-0038 (Stack-based buffer overflow in the animated cursor code in Microsoft Windows 2000 SP4 through Vista allows remote attackers to execute arbitrary code or cause a denial of service (persistent reboot) via a large length value in the second (or later) anih block of a RIFF .ANI, cur, or .ico file, which results in memory corruption when processing cursors, animated cursors, and icons, a variant of CVE-2005-0416, as originally demonstrated using Internet Explorer 6 and 7. NOTE: this might be a duplicate of CVE-2007-1765; if so, then CVE-2007-0038 should be preferred.)
Оригинальный текстdocumentCERT, US-CERT Technical Cyber Security Alert TA07-093A -- Microsoft Update for Windows Animated Cursor Vulnerability (04.04.2007)
 documentjamikazu_(at)_gmail.com, Windows XP/Vista (.ANI) Remote Exploit (bypass eeye patch) (03.04.2007)
 documentGadi Evron, More information on ZERT patch for ANI 0day (03.04.2007)
 documentCERT, US-CERT Technical Cyber Security Alert TA07-089A -- Microsoft Windows ANI header stack buffer overflow (31.03.2007)
 documentMICROSOFT, Microsoft Security Advisory (935423) Vulnerability in Windows Animated Cursor Handling (30.03.2007)
 documentEEYE, [Full-disclosure] ANI Zeroday, Third Party Patch (30.03.2007)
 documentAlexander Sotirov, 0-day ANI vulnerability in Microsoft Windows (CVE-2007-0038) (30.03.2007)
Файлы:Exploits Windows .ANI LoadAniIcon Stack Overflow
 Exploits Windows .ANI LoadAniIcon Stack Overflow
 Windows ANI LoadAniIcon() Chunk Size Stack Overflow (SMTP)
 Windows ANI LoadAniIcon() Chunk Size Stack Overflow (HTTP)
 Windows Animated Cursor Handling Exploit (0day) (Version3)
 Microsoft ANI Buffer Overflow Exploit Web Download Code Execution Exploit
 Microsoft Security Advisory (935423) Vulnerability in Windows Animated Cursor Handling
 Microsoft Windows multiple GDI vulnerabilities

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород