CORE IMPACT v7.5 - Exploits Update (Thu Apr 17 2008)
Windows .ANI file parsing Exploit Update
Exploits/Client Side [Windows]
Thu Apr 17 2008
An integer overflow in the LoadImage API of the USER32 library for Microsoft Windows allows remote attackers to execute arbitrary code via a .BMP, .CUR, .ICO or .ANI file with a large image size field. You can use this module to send vulnerable clients a specially designed e-mail that forces them to connect to the web server automatically when the message is opened with Outlook or Outlook Express. When the victim reads the HTML message, a .ANI file is requested from the exploit's web server. If the system is vulnerable, an agent is installed by exploiting a buffer overflow in the function that parses such files.
Exploits Vulnerability: CVE-2004-1049











