Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Unspecified vulnerability in Microsoft Windows 2000 SP4 through Vista allows remote attackers to execute arbitrary code or cause a denial of service (persistent reboot) via a malformed ANI file, which results in memory corruption when processing cursors, animated cursors, and icons, a similar issue to CVE-2005-0416, as originally demonstrated using Internet Explorer 6 and 7. NOTE: this issue might be a duplicate of CVE-2007-0038; if so, then use CVE-2007-0038 instead of this identifier.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Microsoft Windows 安全漏洞
Vulnerability Description
Microsoft Windows是美国微软(Microsoft)公司的一套个人设备使用的操作系统。 Microsoft Windows在处理畸形的动画图标文件(.ani)时存在边界条件错误漏洞,远程攻击者可能利用此漏洞控制用户机器。 Microsoft Windows的LoadAniIcon()函数(user32.dll)在渲染畸形的光标、动画光标文件(.ani)或图标时没有正确地验证ANI头中所指定的大小,导致栈溢出漏洞。如果用户受骗使用IE访问了恶意站点或打开了恶意的邮件消息的话,就会触发这个溢出,
CVSS Information
N/A
Vulnerability Type
N/A