Lucene search
HistoryApr 27, 2005 - 4:00 a.m.
CVE-2005-0416
windows
ani
buffer overflow
cve-2005-0416
security vulnerability
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
7.6 High
AI Score
Confidence
Low
0.885 High
EPSS
Percentile
98.7%
The Windows Animated Cursor (ANI) capability in Windows NT, Windows 2000 through SP4, Windows XP through SP1, and Windows 2003 allows remote attackers to execute arbitrary code via the AnimationHeaderBlock length field, which leads to a stack-based buffer overflow.
Affected configurations
Node
microsoftwindows_2000
ORmicrosoftwindows_2000sp1
ORmicrosoftwindows_2000sp2
ORmicrosoftwindows_2000sp3
ORmicrosoftwindows_2000sp4
ORmicrosoftwindows_2003_serverMatchenterprise64-bit
ORmicrosoftwindows_2003_serverMatchenterprise_64-bit
ORmicrosoftwindows_2003_serverMatchr264-bit
ORmicrosoftwindows_2003_serverMatchr2datacenter_64-bit
ORmicrosoftwindows_2003_serverMatchstandard64-bit
ORmicrosoftwindows_2003_serverMatchweb
ORmicrosoftwindows_98gold
ORmicrosoftwindows_98se
ORmicrosoftwindows_me
ORmicrosoftwindows_ntMatch4.0enterprise_server
ORmicrosoftwindows_ntMatch4.0server
ORmicrosoftwindows_ntMatch4.0terminal_server
ORmicrosoftwindows_ntMatch4.0workstation
ORmicrosoftwindows_ntMatch4.0sp1enterprise_server
ORmicrosoftwindows_ntMatch4.0sp1server
ORmicrosoftwindows_ntMatch4.0sp1terminal_server
ORmicrosoftwindows_ntMatch4.0sp1workstation
ORmicrosoftwindows_ntMatch4.0sp2enterprise_server
ORmicrosoftwindows_ntMatch4.0sp2server
ORmicrosoftwindows_ntMatch4.0sp2terminal_server
ORmicrosoftwindows_ntMatch4.0sp2workstation
ORmicrosoftwindows_ntMatch4.0sp3enterprise_server
ORmicrosoftwindows_ntMatch4.0sp3server
ORmicrosoftwindows_ntMatch4.0sp3terminal_server
ORmicrosoftwindows_ntMatch4.0sp3workstation
ORmicrosoftwindows_ntMatch4.0sp4enterprise_server
ORmicrosoftwindows_ntMatch4.0sp4server
ORmicrosoftwindows_ntMatch4.0sp4terminal_server
ORmicrosoftwindows_ntMatch4.0sp4workstation
ORmicrosoftwindows_ntMatch4.0sp5enterprise_server
ORmicrosoftwindows_ntMatch4.0sp5server
ORmicrosoftwindows_ntMatch4.0sp5terminal_server
ORmicrosoftwindows_ntMatch4.0sp5workstation
ORmicrosoftwindows_ntMatch4.0sp6enterprise_server
ORmicrosoftwindows_ntMatch4.0sp6server
ORmicrosoftwindows_ntMatch4.0sp6terminal_server
ORmicrosoftwindows_ntMatch4.0sp6workstation
ORmicrosoftwindows_ntMatch4.0sp6aenterprise_server
ORmicrosoftwindows_ntMatch4.0sp6aserver
ORmicrosoftwindows_ntMatch4.0sp6aworkstation
ORmicrosoftwindows_xp64-bit
ORmicrosoftwindows_xpembedded
ORmicrosoftwindows_xphome
ORmicrosoftwindows_xpmedia_center
ORmicrosoftwindows_xpgoldprofessional
ORmicrosoftwindows_xpsp164-bit
ORmicrosoftwindows_xpsp1embedded
ORmicrosoftwindows_xpsp1home
ORmicrosoftwindows_xpsp1media_center
ORmicrosoftwindows_xpsp2tablet_pc
Related
cvelist
cvelist
nvd
nvd
prion
prion
Stack overflow
2007-03-30 20:19:00
Memory corruption
2007-03-30 00:19:00
cve
cve
CVE-2007-0038
2007-03-30 20:19:00
CVE-2007-1765
2007-03-30 00:19:00
nessus
nessus
MS05-002: Cursor and Icon Format Handling Code Execution (891711)
2005-01-11 00:00:00
openvas
openvas
Microsoft Windows GDI Multiple Vulnerabilities (925902)
2010-07-08 00:00:00
Microsoft Windows GDI Multiple Vulnerabilities (925902)
2010-07-08 00:00:00
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
7.6 High
AI Score
Confidence
Low
0.885 High
EPSS
Percentile
98.7%
Related for CVE-2005-0416