CVE-2007-0038
EXPLOITED
Microsoft Windows 2000 - Memory Corruption
Title source: ruleDescription
Stack-based buffer overflow in the animated cursor code in Microsoft Windows 2000 SP4 through Vista allows remote attackers to execute arbitrary code or cause a denial of service (persistent reboot) via a large length value in the second (or later) anih block of a RIFF .ANI, cur, or .ico file, which results in memory corruption when processing cursors, animated cursors, and icons, a variant of CVE-2005-0416, as originally demonstrated using Internet Explorer 6 and 7. NOTE: this might be a duplicate of CVE-2007-1765; if so, then CVE-2007-0038 should be preferred.
Exploits (17)
exploitdb
WORKING POC
VERIFIED
by Metasploit · ruby · remote · windows
https://www.exploit-db.com/exploits/16526
exploitdb
WORKING POC
VERIFIED
by RISE Security · python · remote · windows
https://www.exploit-db.com/exploits/4045
exploitdb
WORKING POC
VERIFIED
by Breno Silva Pinto · c · local · windows
https://www.exploit-db.com/exploits/3695
exploitdb
WORKING POC
VERIFIED
by YAG KOHHA · text · remote · windows
https://www.exploit-db.com/exploits/3651
metasploit
WORKING POC
GREAT
by hdm, skape · ruby · poc · win
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/browser/ms07_017_ani_loadimage_chunksize.rb
References (20)
Scores
EPSS: 0.8804
EPSS Percentile: 99.5%
Details
VulnCheck KEV: 2007-04-03
CWE: CWE-119
Status: published
Products (6)
microsoft/windows_2000
microsoft/windows_2003_server gold (3 CPE variants)
microsoft/windows_2003_server sp1 (2 CPE variants)
microsoft/windows_2003_server sp2 (3 CPE variants)
microsoft/windows_vista (2 CPE variants)
microsoft/windows_xp (3 CPE variants)
Published: Mar 30, 2007
Tracked Since: Feb 18, 2026