CVE-2004-1305 - The Windows Animated Cursor (ANI) capability in Windows NT, Windows 2000 through SP4, Windows XP thr

CVE-2004-1305

Summary

The Windows Animated Cursor (ANI) capability in Windows NT, Windows 2000 through SP4, Windows XP through SP1, and Windows 2003 allow remote attackers to cause a denial of service via (1) the frame number set to zero, which causes an invalid memory address to be used and leads to a kernel crash, or (2) the rate number set to zero, which leads to resource exhaustion and hang.

References

Vulnerable Configurations

cpe:2.3:a:nortel:ip_softphone_2050:*:*:*:*:*:*:*:*
cpe:2.3:a:nortel:ip_softphone_2050:*:*:*:*:*:*:*:*
cpe:2.3:a:nortel:media_communication_server_5100:3.0:*:*:*:*:*:*:*
cpe:2.3:a:nortel:media_communication_server_5100:3.0:*:*:*:*:*:*:*
cpe:2.3:a:nortel:media_communication_server_5200:3.0:*:*:*:*:*:*:*
cpe:2.3:a:nortel:media_communication_server_5200:3.0:*:*:*:*:*:*:*
cpe:2.3:a:nortel:media_processing_server:*:*:*:*:*:*:*:*
cpe:2.3:a:nortel:media_processing_server:*:*:*:*:*:*:*:*
cpe:2.3:a:nortel:periphonics:*:*:*:*:*:*:*:*
cpe:2.3:a:nortel:periphonics:*:*:*:*:*:*:*:*
cpe:2.3:a:nortel:symposium_agent:*:*:*:*:*:*:*:*
cpe:2.3:a:nortel:symposium_agent:*:*:*:*:*:*:*:*
cpe:2.3:a:nortel:symposium_network_control_center:*:*:*:*:*:*:*:*
cpe:2.3:a:nortel:symposium_network_control_center:*:*:*:*:*:*:*:*
cpe:2.3:a:nortel:symposium_tapi_service_provider:*:*:*:*:*:*:*:*
cpe:2.3:a:nortel:symposium_tapi_service_provider:*:*:*:*:*:*:*:*
cpe:2.3:a:nortel:symposium_web_centre_portal:*:*:*:*:*:*:*:*
cpe:2.3:a:nortel:symposium_web_centre_portal:*:*:*:*:*:*:*:*
cpe:2.3:a:nortel:symposium_web_client:*:*:*:*:*:*:*:*
cpe:2.3:a:nortel:symposium_web_client:*:*:*:*:*:*:*:*
cpe:2.3:h:nortel:symposium_call_center_server:*:*:*:*:*:*:*:*
cpe:2.3:h:nortel:symposium_call_center_server:*:*:*:*:*:*:*:*
cpe:2.3:h:nortel:symposium_express_call_center:*:*:*:*:*:*:*:*
cpe:2.3:h:nortel:symposium_express_call_center:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2000:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2000:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2000:*:sp1:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2000:*:sp1:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2000:*:sp2:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2000:*:sp2:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2000:*:sp3:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2000:*:sp3:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2003_server:enterprise:*:64-bit:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2003_server:enterprise:*:64-bit:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2003_server:enterprise_64-bit:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2003_server:enterprise_64-bit:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2003_server:r2:*:64-bit:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2003_server:r2:*:64-bit:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2003_server:r2:*:datacenter_64-bit:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2003_server:r2:*:datacenter_64-bit:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2003_server:standard:*:64-bit:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2003_server:standard:*:64-bit:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2003_server:web:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2003_server:web:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_98:*:gold:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_98:*:gold:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_98se:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_98se:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_me:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_me:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_nt:4.0:*:enterprise_server:*:*:*:*:*
cpe:2.3:o:microsoft:windows_nt:4.0:*:enterprise_server:*:*:*:*:*
cpe:2.3:o:microsoft:windows_nt:4.0:*:server:*:*:*:*:*
cpe:2.3:o:microsoft:windows_nt:4.0:*:server:*:*:*:*:*
cpe:2.3:o:microsoft:windows_nt:4.0:*:terminal_server:*:*:*:*:*
cpe:2.3:o:microsoft:windows_nt:4.0:*:terminal_server:*:*:*:*:*
cpe:2.3:o:microsoft:windows_nt:4.0:*:workstation:*:*:*:*:*
cpe:2.3:o:microsoft:windows_nt:4.0:*:workstation:*:*:*:*:*
cpe:2.3:o:microsoft:windows_nt:4.0:sp1:enterprise_server:*:*:*:*:*
cpe:2.3:o:microsoft:windows_nt:4.0:sp1:enterprise_server:*:*:*:*:*
cpe:2.3:o:microsoft:windows_nt:4.0:sp1:server:*:*:*:*:*
cpe:2.3:o:microsoft:windows_nt:4.0:sp1:server:*:*:*:*:*
cpe:2.3:o:microsoft:windows_nt:4.0:sp1:terminal_server:*:*:*:*:*
cpe:2.3:o:microsoft:windows_nt:4.0:sp1:terminal_server:*:*:*:*:*
cpe:2.3:o:microsoft:windows_nt:4.0:sp1:workstation:*:*:*:*:*
cpe:2.3:o:microsoft:windows_nt:4.0:sp1:workstation:*:*:*:*:*
cpe:2.3:o:microsoft:windows_nt:4.0:sp2:enterprise_server:*:*:*:*:*
cpe:2.3:o:microsoft:windows_nt:4.0:sp2:enterprise_server:*:*:*:*:*
cpe:2.3:o:microsoft:windows_nt:4.0:sp2:server:*:*:*:*:*
cpe:2.3:o:microsoft:windows_nt:4.0:sp2:server:*:*:*:*:*
cpe:2.3:o:microsoft:windows_nt:4.0:sp2:terminal_server:*:*:*:*:*
cpe:2.3:o:microsoft:windows_nt:4.0:sp2:terminal_server:*:*:*:*:*
cpe:2.3:o:microsoft:windows_nt:4.0:sp2:workstation:*:*:*:*:*
cpe:2.3:o:microsoft:windows_nt:4.0:sp2:workstation:*:*:*:*:*
cpe:2.3:o:microsoft:windows_nt:4.0:sp3:enterprise_server:*:*:*:*:*
cpe:2.3:o:microsoft:windows_nt:4.0:sp3:enterprise_server:*:*:*:*:*
cpe:2.3:o:microsoft:windows_nt:4.0:sp3:server:*:*:*:*:*
cpe:2.3:o:microsoft:windows_nt:4.0:sp3:server:*:*:*:*:*
cpe:2.3:o:microsoft:windows_nt:4.0:sp3:terminal_server:*:*:*:*:*
cpe:2.3:o:microsoft:windows_nt:4.0:sp3:terminal_server:*:*:*:*:*
cpe:2.3:o:microsoft:windows_nt:4.0:sp3:workstation:*:*:*:*:*
cpe:2.3:o:microsoft:windows_nt:4.0:sp3:workstation:*:*:*:*:*
cpe:2.3:o:microsoft:windows_nt:4.0:sp4:enterprise_server:*:*:*:*:*
cpe:2.3:o:microsoft:windows_nt:4.0:sp4:enterprise_server:*:*:*:*:*
cpe:2.3:o:microsoft:windows_nt:4.0:sp4:server:*:*:*:*:*
cpe:2.3:o:microsoft:windows_nt:4.0:sp4:server:*:*:*:*:*
cpe:2.3:o:microsoft:windows_nt:4.0:sp4:terminal_server:*:*:*:*:*
cpe:2.3:o:microsoft:windows_nt:4.0:sp4:terminal_server:*:*:*:*:*
cpe:2.3:o:microsoft:windows_nt:4.0:sp4:workstation:*:*:*:*:*
cpe:2.3:o:microsoft:windows_nt:4.0:sp4:workstation:*:*:*:*:*
cpe:2.3:o:microsoft:windows_nt:4.0:sp5:enterprise_server:*:*:*:*:*
cpe:2.3:o:microsoft:windows_nt:4.0:sp5:enterprise_server:*:*:*:*:*
cpe:2.3:o:microsoft:windows_nt:4.0:sp5:server:*:*:*:*:*
cpe:2.3:o:microsoft:windows_nt:4.0:sp5:server:*:*:*:*:*
cpe:2.3:o:microsoft:windows_nt:4.0:sp5:terminal_server:*:*:*:*:*
cpe:2.3:o:microsoft:windows_nt:4.0:sp5:terminal_server:*:*:*:*:*
cpe:2.3:o:microsoft:windows_nt:4.0:sp5:workstation:*:*:*:*:*
cpe:2.3:o:microsoft:windows_nt:4.0:sp5:workstation:*:*:*:*:*
cpe:2.3:o:microsoft:windows_nt:4.0:sp6:enterprise_server:*:*:*:*:*
cpe:2.3:o:microsoft:windows_nt:4.0:sp6:enterprise_server:*:*:*:*:*
cpe:2.3:o:microsoft:windows_nt:4.0:sp6:server:*:*:*:*:*
cpe:2.3:o:microsoft:windows_nt:4.0:sp6:server:*:*:*:*:*
cpe:2.3:o:microsoft:windows_nt:4.0:sp6:terminal_server:*:*:*:*:*
cpe:2.3:o:microsoft:windows_nt:4.0:sp6:terminal_server:*:*:*:*:*
cpe:2.3:o:microsoft:windows_nt:4.0:sp6:workstation:*:*:*:*:*
cpe:2.3:o:microsoft:windows_nt:4.0:sp6:workstation:*:*:*:*:*
cpe:2.3:o:microsoft:windows_nt:4.0:sp6a:enterprise_server:*:*:*:*:*
cpe:2.3:o:microsoft:windows_nt:4.0:sp6a:enterprise_server:*:*:*:*:*
cpe:2.3:o:microsoft:windows_nt:4.0:sp6a:server:*:*:*:*:*
cpe:2.3:o:microsoft:windows_nt:4.0:sp6a:server:*:*:*:*:*
cpe:2.3:o:microsoft:windows_nt:4.0:sp6a:workstation:*:*:*:*:*
cpe:2.3:o:microsoft:windows_nt:4.0:sp6a:workstation:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:*:64-bit:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:*:64-bit:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:*:embedded:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:*:embedded:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:*:home:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:*:home:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:*:media_center:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:*:media_center:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:gold:professional:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:gold:professional:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:sp1:64-bit:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:sp1:64-bit:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:sp1:embedded:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:sp1:embedded:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:sp1:home:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:sp1:home:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:sp1:media_center:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:sp1:media_center:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:sp2:tablet_pc:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:sp2:tablet_pc:*:*:*:*:*

CVSS

Base:	5.0 (as of 30-04-2019 - 14:27)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
NONE	NONE	PARTIAL

cvss-vector via4

AV:N/AC:L/Au:N/C:N/I:N/A:P

oval via4

accepted

2011-05-16T04:00:50.176-04:00

class

vulnerability

contributors

name Christine Walzer
organization The MITRE Corporation
name Jeff Cheng
organization Opsware, Inc.
name Sudhir Gandhe
organization Telos
name Shane Shaffer
organization G2, Inc.

description

family

windows

oval:org.mitre.oval:def:1304

status

accepted

submitted

2005-01-14T12:00:00.000-04:00

title

Animated Cursor Denial of Service (XP)

version

accepted

2007-11-13T12:01:09.407-05:00

class

vulnerability

contributors

name Christine Walzer
organization The MITRE Corporation
name Jeff Cheng
organization Opsware, Inc.

description

family

windows

oval:org.mitre.oval:def:2580

status

accepted

submitted

2005-01-14T12:00:00.000-04:00

title

Animated Cursor Denial of Service (Server 2003)

version

accepted

2011-05-16T04:02:43.224-04:00

class

vulnerability

contributors

name Christine Walzer
organization The MITRE Corporation
name Andrew Buttner
organization The MITRE Corporation
name Jeff Cheng
organization Opsware, Inc.
name Shane Shaffer
organization G2, Inc.
name Sudhir Gandhe
organization Telos
name Shane Shaffer
organization G2, Inc.

description

family

windows

oval:org.mitre.oval:def:3216

status

accepted

submitted

2005-01-14T12:00:00.000-04:00

title

Animated Cursor Denial of Service (Windows 2000)

version

accepted

2008-03-24T04:00:31.797-04:00

class

vulnerability

contributors

name Christine Walzer
organization The MITRE Corporation
name Jeff Cheng
organization Opsware, Inc.
name Jonathan Baker
organization The MITRE Corporation

definition_extensions

comment	Microsoft Windows NT is installed
oval	oval:org.mitre.oval:def:36

description

family

windows

oval:org.mitre.oval:def:3957

status

accepted

submitted

2005-01-14T12:00:00.000-04:00

title

Animated Cursor Denial of Service (NT 4.0 Terminal Server)

version

accepted

2008-03-24T04:00:50.805-04:00

class

vulnerability

contributors

name Christine Walzer
organization The MITRE Corporation
name John Hoyland
organization Centennial Software
name Jeff Cheng
organization Opsware, Inc.
name Jonathan Baker
organization The MITRE Corporation
name Jonathan Baker
organization The MITRE Corporation

definition_extensions

comment	Microsoft Windows NT is installed
oval	oval:org.mitre.oval:def:36

description

family

windows

oval:org.mitre.oval:def:712

status

accepted

submitted

2005-01-14T12:00:00.000-04:00

title

Animated Cursor Denial of Service (NT 4.0)

version

refmap via4

bugtraq	20041223 Microsoft Windows Kernel ANI File Parsing Crash and DOS Vulnerability
cert	TA05-012A
cert-vn	VU#177584 VU#697136
misc	http://www.xfocus.net/flashsky/icoExp/
xf	win-ani-ratenumber-dos(18667)

Last major update

30-04-2019 - 14:27

Published

23-12-2004 - 05:00

Last modified

30-04-2019 - 14:27