Windows Animated Cursor Handling Vulnerability


  • Question
    How does Vital Security handle Windows Animated Cursor Handling vulnerability (http://www.microsoft.com/technet/security/advisory/935423.mspx)?

  • Answer
    Below are some details on this vulnerability (taken from http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0038):
    Stack-based buffer overflow in the animated cursor code in Microsoft Windows 2000 SP4 through Vista allows remote attackers to execute arbitrary code or cause a denial of service (persistent reboot) via a malformed .ANI, cur, or .ico file, which results in memory corruption when processing cursors, animated cursors, and icons. This is a similar issue to CVE-2005-0416, as originally demonstrated using Internet Explorer 6 and 7.

    Finjan's customers are protected against this vulnerability through Anti-Virus engines, which are integrated into the Vital Security Web Appliance.

  • Software Version
    N/A

    • This article applies to:
    NG 1000
    NG 5000
    NG 8000
    This article was previously published as:
    Finjan KB 1493

    Last Modified 3/23/2009.
    https://support.trustwave.com/kb/KnowledgebaseArticle13350.aspx