CVE Vulnerabilities

CVE-2004-1049

Published: Dec 31, 2004 | Modified: Oct 12, 2018
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5.1 MEDIUM
AV:N/AC:H/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

Integer overflow in the LoadImage API of the USER32 Lib for Microsoft Windows allows remote attackers to execute arbitrary code via a .bmp, .cur, .ico or .ani file with a large image size field, which leads to a buffer overflow, aka the Cursor and Icon Format Handling Vulnerability.

Affected Software

Name Vendor Start Version End Version
Windows_2000 Microsoft * *
Windows_2000 Microsoft * *
Windows_2000 Microsoft * *
Windows_2000 Microsoft * *
Windows_2000 Microsoft * *
Windows_2003_server Microsoft r2 r2
Windows_nt Microsoft * *
Windows_xp Microsoft * *
Windows_xp Microsoft * *

References