Stack-based Buffer Overflow in Windows ANI Feature by Microsoft
CVE-2005-0416

Currently unrated

Key Information:

Vendor: Microsoft
Status: Windows Nt; Windows Xp; Windows 2003 Server; Windows 2000
Vendor: CVE Published:; 27 April 2005

Summary

The ANI (Animated Cursor) capability in several versions of Microsoft Windows, including Windows NT, Windows 2000 through SP4, Windows XP through SP1, and Windows Server 2003, is susceptible to a buffer overflow vulnerability. This issue arises when processing the AnimationHeaderBlock length field, enabling remote attackers to execute arbitrary code on affected systems. Successful exploitation could lead to unauthorized control over the affected system, emphasizing the need for immediate attention to security updates.

References

https://docs.microsoft.com/en-us/security-updates/securit...

vendor-advisoryx_refsource_MS

http://marc.info/?l=bugtraq&m=110547079218397&w=2

mailing-listx_refsource_BUGTRAQ

http://marc.info/?l=bugtraq&m=110556975827760&w=2

mailing-listx_refsource_BUGTRAQ

EPSS Score

50% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Apr 27, 2005
Vulnerability Reserved
Feb 14, 2005