CVE-2005-0416

Microsoft Windows NT - Buffer Overflow

Title source: rule

Description

The Windows Animated Cursor (ANI) capability in Windows NT, Windows 2000 through SP4, Windows XP through SP1, and Windows 2003 allows remote attackers to execute arbitrary code via the AnimationHeaderBlock length field, which leads to a stack-based buffer overflow.

Exploits (2)

exploitdb WORKING POC VERIFIED

by Vertygo · c++remotewindows

https://www.exploit-db.com/exploits/771

View Code ZIP pw:eip

exploitdb WORKING POC VERIFIED

by houseofdabus · cremotewindows

https://www.exploit-db.com/exploits/765

View Code ZIP pw:eip

References (6)

[Various Sources] http://eeye.com/html/research/advisories/AD20050111.html

[Mailing List] http://marc.info/?l=bugtraq&m=110547079218397&w=2

[Mailing List] http://marc.info/?l=bugtraq&m=110556975827760&w=2

[Exploit, Patch, Vendor Advisory] http://www.securityfocus.com/bid/12233

[Vendor Advisory] https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-002

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/18879

Scores

EPSS 0.6660

EPSS Percentile 98.5%

Details

Status published

Products (11)

microsoft/windows_2000 (5 CPE variants)

microsoft/windows_2003_server enterprise

microsoft/windows_2003_server enterprise_64-bit

microsoft/windows_2003_server r2 (2 CPE variants)

microsoft/windows_2003_server standard

microsoft/windows_2003_server web

microsoft/windows_98

microsoft/windows_98se

microsoft/windows_me

microsoft/windows_nt 4.0 (31 CPE variants)

... and 1 more

Published Apr 27, 2005

Tracked Since Feb 18, 2026