Vulnerability Description
The Windows Animated Cursor (ANI) capability in Windows NT, Windows 2000 through SP4, Windows XP through SP1, and Windows 2003 allows remote attackers to execute arbitrary code via the AnimationHeaderBlock length field, which leads to a stack-based buffer overflow.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Windows 2000 | All versions |
| Microsoft | Windows 2003 Server | enterprise |
| Microsoft | Windows 98 | All versions |
| Microsoft | Windows 98Se | All versions |
| Microsoft | Windows Me | All versions |
| Microsoft | Windows Nt | 4.0 |
| Microsoft | Windows Xp | All versions |
References
- http://eeye.com/html/research/advisories/AD20050111.html
- http://marc.info/?l=bugtraq&m=110547079218397&w=2
- http://marc.info/?l=bugtraq&m=110556975827760&w=2
- http://www.securityfocus.com/bid/12233ExploitPatchVendor Advisory
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-00
- https://exchange.xforce.ibmcloud.com/vulnerabilities/18879
- http://eeye.com/html/research/advisories/AD20050111.html
- http://marc.info/?l=bugtraq&m=110547079218397&w=2
- http://marc.info/?l=bugtraq&m=110556975827760&w=2
- http://www.securityfocus.com/bid/12233ExploitPatchVendor Advisory
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-00
- https://exchange.xforce.ibmcloud.com/vulnerabilities/18879
FAQ
What is CVE-2005-0416?
CVE-2005-0416 is a vulnerability with a CVSS score of 7.5 (HIGH). The Windows Animated Cursor (ANI) capability in Windows NT, Windows 2000 through SP4, Windows XP through SP1, and Windows 2003 allows remote attackers to execute arbitrary code via the AnimationHeader...
How severe is CVE-2005-0416?
CVE-2005-0416 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2005-0416?
Check the references section above for vendor advisories and patch information. Affected products include: Microsoft Windows 2000, Microsoft Windows 2003 Server, Microsoft Windows 98, Microsoft Windows 98Se, Microsoft Windows Me.