CVE-2004-1049 in Windowsinfo

Summary

Integer overflow in the LoadImage API of the USER32 Lib for Microsoft Windows allows remote attackers to execute arbitrary code via a .bmp, .cur, .ico or .ani file with a large image size field, which leads to a buffer overflow, aka the "Cursor and Icon Format Handling Vulnerability."

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Reservation

11/17/2004

Disclosure

12/31/2004

Moderation

VulDB entry created

Entries

VDB-1088 (3)

CPE

ready

CWE

CWE-119 (Confirmed)

Exploit

Download

CVSS

5.6

EPSS

0.63012

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2004-1049
NVD	https://nvd.nist.gov/vuln/detail/CVE-2004-1049
CVE Details	https://www.cvedetails.com/cve/CVE-2004-1049/

◂ Previous Overview Next ▸

Do you know our Splunk app?

Download it now for free!