CVE-2007-1765

Description

Unspecified vulnerability in Microsoft Windows 2000 SP4 through Vista allows remote attackers to execute arbitrary code or cause a denial of service (persistent reboot) via a malformed ANI file, which results in memory corruption when processing cursors, animated cursors, and icons, a similar issue to CVE-2005-0416, as originally demonstrated using Internet Explorer 6 and 7. NOTE: this issue might be a duplicate of CVE-2007-0038; if so, then use CVE-2007-0038 instead of this identifier.

Affected products

• Avaya / definity_one_media_server
• Avaya / ip600_media_servers
• Avaya / s3400
• Avaya / s8100
• Microsoft / ie7.0 – 7.0
• Microsoft / internet_explorer6
• Microsoft / windows_2000
• Microsoft / windows_2000
• Microsoft / windows_2000
• Microsoft / windows_2000
• Microsoft / windows_2000
• Microsoft / windows_2000
• Microsoft / windows_2000
• Microsoft / windows_2000
• Microsoft / windows_2000
• Microsoft / windows_2000
• Microsoft / windows_2000
• Microsoft / windows_2000
• Microsoft / windows_2000
• Microsoft / windows_2000
• Microsoft / windows_2000
• Microsoft / windows_2000
• Microsoft / windows_2000
• Microsoft / windows_2000
• Microsoft / windows_2000
• Microsoft / windows_2000
• Microsoft / windows_2003_server
• Microsoft / windows_2003_server
• Microsoft / windows_2003_server
• Microsoft / windows_2003_server
• Microsoft / windows_vista
• Microsoft / windows_vista
• Microsoft / windows_vista
• Microsoft / windows_vista
• Microsoft / windows_vista
• Microsoft / windows_vista
• Microsoft / windows_vista
• Microsoft / windows_vista
• Microsoft / windows_vista
• Microsoft / windows_xp
• Microsoft / windows_xp
• Microsoft / windows_xp
• Microsoft / windows_xp

References

• MISChttp://www.securityfocus.com/archive/1/464287/100/0/threaded
• MISChttp://research.eeye.com/html/alerts/zeroday/20070328.html
• MISChttp://www.securityfocus.com/archive/1/464345/100/0/threaded
• VENDOR_ADVISORYhttp://www.vupen.com/english/advisories/2007/1151
• MISChttp://vil.nai.com/vil/content/v_141860.htm
• MISChttp://www.avertlabs.com/research/blog/?p=230
• MISChttp://www.securityfocus.com/bid/23194
• MISChttp://www.microsoft.com/technet/security/advisory/935423.mspx
• MISChttp://www.securitytracker.com/id?1017827
• MISChttp://www.avertlabs.com/research/blog/?p=233
• MISChttp://asert.arbornetworks.com/2007/03/any-ani-file-could-infect-you/