Denial of Service Vulnerability in Microsoft Windows 98SE via Icon Files
CVE-2005-1793

Currently unrated

Key Information:

Vendor: Microsoft
Status: Windows 98se
Vendor: CVE Published:; 1 June 2005

Summary

The User32.DLL component in Microsoft Windows 98SE is susceptible to a denial of service attack, which can be executed by local or remote attackers. This vulnerability arises when processing icon (.ico) bitmap files that possess excessively large width and height attributes. An attacker can exploit this flaw to crash the system, thereby interrupting normal operations and potentially allowing further exploitation.

References

http://www.securityfocus.com/archive/1/399207

mailing-listx_refsource_BUGTRAQ

http://www.securityfocus.com/archive/1/399228

mailing-listx_refsource_BUGTRAQ

EPSS Score

11% chance of being exploited in the next 30 days.

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Jun 1, 2005