Windows OS Animated Cursor Vulnerability in Microsoft Products
CVE-2004-1305

Currently unrated

Key Information:

Vendor
Microsoft
Vendor
CVE Published:
23 December 2004

Summary

The vulnerability in the Windows Animated Cursor feature allows remote attackers to exploit specific frame and rate parameters, leading to potential denial of service. By manipulating the frame number to zero, attackers can cause an invalid memory address to be triggered, resulting in a kernel crash. Similarly, setting the rate number to zero can lead to resource exhaustion, causing the system to hang indefinitely. This poses a significant risk to system stability, particularly for users operating on specified Windows versions.

References

EPSS Score

77% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.