Lucene search

[email protected]CVE-2004-1305

HistoryJan 06, 2005 - 5:00 a.m.

CVE-2004-1305

2005-01-0605:00:00

[email protected]

web.nvd.nist.gov

cve-2004-1305

windows

denial of service

ani

vulnerability

nvd

resource exhaustion

kernel crash

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

6.5 Medium

AI Score

Confidence

High

0.153 Low

EPSS

Percentile

95.9%

JSON

The Windows Animated Cursor (ANI) capability in Windows NT, Windows 2000 through SP4, Windows XP through SP1, and Windows 2003 allow remote attackers to cause a denial of service via (1) the frame number set to zero, which causes an invalid memory address to be used and leads to a kernel crash, or (2) the rate number set to zero, which leads to resource exhaustion and hang.

Affected configurations

NVD

Node

nortelip_softphone_2050

nortelmedia_communication_server_5100Match3.0

nortelmedia_communication_server_5200Match3.0

nortelmedia_processing_server

nortelperiphonics

nortelsymposium_agent

nortelsymposium_network_control_center

nortelsymposium_tapi_service_provider

nortelsymposium_web_centre_portal

nortelsymposium_web_client

nortelsymposium_call_center_server

nortelsymposium_express_call_center

microsoftwindows_2000

microsoftwindows_2000sp1

microsoftwindows_2000sp2

microsoftwindows_2000sp3

microsoftwindows_2000sp4

microsoftwindows_2003_serverMatchenterprise64-bit

microsoftwindows_2003_serverMatchenterprise_64-bit

microsoftwindows_2003_serverMatchr264-bit

microsoftwindows_2003_serverMatchr2datacenter_64-bit

microsoftwindows_2003_serverMatchstandard64-bit

microsoftwindows_2003_serverMatchweb

microsoftwindows_98gold

microsoftwindows_98se

microsoftwindows_me

microsoftwindows_ntMatch4.0enterprise_server

microsoftwindows_ntMatch4.0server

microsoftwindows_ntMatch4.0terminal_server

microsoftwindows_ntMatch4.0workstation

microsoftwindows_ntMatch4.0sp1enterprise_server

microsoftwindows_ntMatch4.0sp1server

microsoftwindows_ntMatch4.0sp1terminal_server

microsoftwindows_ntMatch4.0sp1workstation

microsoftwindows_ntMatch4.0sp2enterprise_server

microsoftwindows_ntMatch4.0sp2server

microsoftwindows_ntMatch4.0sp2terminal_server

microsoftwindows_ntMatch4.0sp2workstation

microsoftwindows_ntMatch4.0sp3enterprise_server

microsoftwindows_ntMatch4.0sp3server

microsoftwindows_ntMatch4.0sp3terminal_server

microsoftwindows_ntMatch4.0sp3workstation

microsoftwindows_ntMatch4.0sp4enterprise_server

microsoftwindows_ntMatch4.0sp4server

microsoftwindows_ntMatch4.0sp4terminal_server

microsoftwindows_ntMatch4.0sp4workstation

microsoftwindows_ntMatch4.0sp5enterprise_server

microsoftwindows_ntMatch4.0sp5server

microsoftwindows_ntMatch4.0sp5terminal_server

microsoftwindows_ntMatch4.0sp5workstation

microsoftwindows_ntMatch4.0sp6enterprise_server

microsoftwindows_ntMatch4.0sp6server

microsoftwindows_ntMatch4.0sp6terminal_server

microsoftwindows_ntMatch4.0sp6workstation

microsoftwindows_ntMatch4.0sp6aenterprise_server

microsoftwindows_ntMatch4.0sp6aserver

microsoftwindows_ntMatch4.0sp6aworkstation

microsoftwindows_xp64-bit

microsoftwindows_xpembedded

microsoftwindows_xphome

microsoftwindows_xpmedia_center

microsoftwindows_xpgoldprofessional

microsoftwindows_xpsp164-bit

microsoftwindows_xpsp1embedded

microsoftwindows_xpsp1home

microsoftwindows_xpsp1media_center

microsoftwindows_xpsp2tablet_pc

CPENameOperatorVersion
nortel:ip_softphone_2050nortel ip softphone 2050eq*
nortel:media_communication_server_5100nortel media communication server 5100eq3.0
nortel:media_communication_server_5200nortel media communication server 5200eq3.0
nortel:media_processing_servernortel media processing servereq*
nortel:periphonicsnortel periphonicseq*
nortel:symposium_agentnortel symposium agenteq*
nortel:symposium_network_control_centernortel symposium network control centereq*
nortel:symposium_tapi_service_providernortel symposium tapi service providereq*
nortel:symposium_web_centre_portalnortel symposium web centre portaleq*
nortel:symposium_web_clientnortel symposium web clienteq*

CPE	Name	Operator	Version
nortel:ip_softphone_2050	nortel ip softphone 2050	eq	*
nortel:media_communication_server_5100	nortel media communication server 5100	eq	3.0
nortel:media_communication_server_5200	nortel media communication server 5200	eq	3.0
nortel:media_processing_server	nortel media processing server	eq	*
nortel:periphonics	nortel periphonics	eq	*
nortel:symposium_agent	nortel symposium agent	eq	*
nortel:symposium_network_control_center	nortel symposium network control center	eq	*
nortel:symposium_tapi_service_provider	nortel symposium tapi service provider	eq	*
nortel:symposium_web_centre_portal	nortel symposium web centre portal	eq	*
nortel:symposium_web_client	nortel symposium web client	eq	*

Rows per page:

1-10 of 231

References

marc.info/?l=bugtraq&m=110382854111833&w=2

www.kb.cert.org/vuls/id/177584

www.kb.cert.org/vuls/id/697136

www.us-cert.gov/cas/techalerts/TA05-012A.html

www.xfocus.net/flashsky/icoExp/

docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-002

exchange.xforce.ibmcloud.com/vulnerabilities/18667

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1304

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2580

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3216

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3957

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A712

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

6.5 Medium

AI Score

Confidence

High

0.153 Low

EPSS

Percentile

95.9%

JSON

Related for CVE-2004-1305

cert2 cvelist1 nvd1 securityvulns2 nessus1