CVE-2007-1765
CVE-2007-1765
Unspecified vulnerability in Microsoft Windows 2000 SP4 through Vista allows remote attackers to execute arbitrary code or cause a denial of service (persistent reboot) via a malformed ANI file, which results in memory corruption when processing cursors, animated cursors, and icons, a similar issue to CVE-2005-0416, as originally demonstrated using Internet Explorer 6 and 7. NOTE: this issue might be a duplicate of CVE-2007-0038; if so, then use CVE-2007-0038 instead of this identifier.
Affected products
n/a · n/apublic PoCs found — 11
exploitdbwww.exploit-db.com/exploits/3684unverifiedexploitdbwww.exploit-db.com/exploits/3647unverifiedexploitdbwww.exploit-db.com/exploits/3695unverifiedexploitdbwww.exploit-db.com/exploits/3652unverifiedexploitdbwww.exploit-db.com/exploits/3617unverifiedexploitdbwww.exploit-db.com/exploits/16698unverifiedexploitdbwww.exploit-db.com/exploits/3636unverifiedexploitdbwww.exploit-db.com/exploits/3651unverifiedexploitdbwww.exploit-db.com/exploits/4045unverifiedexploitdbwww.exploit-db.com/exploits/3635unverifiedexploitdbwww.exploit-db.com/exploits/3634unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://asert.arbornetworks.com/2007/03/any-ani-file-could-infect-you/http://research.eeye.com/html/alerts/zeroday/20070328.htmlhttp://vil.nai.com/vil/content/v_141860.htmhttp://www.avertlabs.com/research/blog/?p=230http://www.avertlabs.com/research/blog/?p=233http://www.microsoft.com/technet/security/advisory/935423.mspxhttp://www.securityfocus.com/archive/1/464287/100/0/threadedhttp://www.securityfocus.com/archive/1/464345/100/0/threadedhttp://www.securityfocus.com/bid/23194http://www.securitytracker.com/id?1017827http://www.vupen.com/english/advisories/2007/1151