Check Point Advisories

Preemptive Protection against Microsoft Windows Animated Cursor Remote Code Execution Vulnerability (MS07-017)

Check Point Reference: CPAI-2007-040
Date Published: 4 Apr 2007
Severity: Critical
Last Updated: Monday 30 April, 2007
Source: Microsoft Security Bulletin MS07-017
Industry Reference:

CVE-2007-0038

Protection Provided by:
Who is Vulnerable? Microsoft Windows 2000 SP4
Microsoft Windows XP SP2
Microsoft Windows XP Professional x64 Edition
Microsoft Windows XP Professional x64 Edition SP2
Microsoft Windows Server 2003
Microsoft Windows Server 2003 SP1
Microsoft Windows Server 2003 SP2
Microsoft Windows Server 2003 (Itanium)
Microsoft Windows Server 2003 SP1 (Itanium)
Microsoft Windows Server 2003 SP2 (Itanium)
Microsoft Windows Server 2003 x64 Edition
Microsoft Windows Server 2003 x64 Edition SP2
Windows Vista
Windows Vista x64 Edition
Vulnerability Description A remote code execution vulnerability has been reported in the animated cursor code in Microsoft Windows. A remote attacker can exploit this vulnerability via a specially crafted ANI file. Animated cursors files (ANI) allow a series of frames to appear at the mouse pointer location instead of a single image (animated mouse pointer). Successful exploitation allows execution of arbitrary code on a vulnerable system.
Update/Patch AvaliableApply patches:
Microsoft Security Bulletin MS07-017
Vulnerability DetailsThe vulnerability is due to an error in Microsoft Windows that fails to properly handle malformed animated cursor files. A remote attacker could trigger this flaw via a specially crafted ANI file. By convincing a user to visit a specially crafted HTML documents or open a malicious web page, a remote attacker could cause a denial of service condition or execute arbitrary code on an affected system. Successful exploitation allows remote code execution once a malformed ANI file is being processed on the vulnerable system.

Protection Overview

×
  Feedback
This website uses cookies for its functionality and for analytics and marketing purposes. By continuing to use this website, you agree to the use of cookies. For more information, please read our Cookies Notice.
OK