OVAL Repository - View Definition: oval:org.mitre.oval:def:3355

OVAL Repository > View Definition

View Definition

NEW SEARCH : BACK

Definition Id: oval:org.mitre.oval:def:3355		Version: 4 Last Modified: 2008-02-28
Title:	LoadImage Cursor and Icon Format Handling Vulnerability (NT 4.0)
Description:	Integer overflow in the LoadImage API of the USER32 Lib for Microsoft Windows allows remote attackers to execute arbitrary code via a .bmp, .cur, .ico or .ani file with a large image size field, which leads to a buffer overflow, aka the "Cursor and Icon Format Handling Vulnerability."
Family:	windows	Class:	vulnerability
Status:	ACCEPTED	Reference(s):	CVE-2004-1049
Platform(s):	Microsoft Windows NT	Product(s):	Cursor and Icon Formatting
Definition Synopsis:
Windows NT Server 4.0 is installed Microsoft Windows NT is installed AND Windows NT server product option this is an NT Server (stand-alone) OR this is an NT Server (domain controller) AND the version of user32.dll is less than 4.0.1381.7342 AND NOT the patch kb891711 is installed

NEW SEARCH : BACK

OVAL Repository

About the Repository

OVAL Repository Forum

Author’s Resources

Items of Interest