An integer overflow in the LoadImage API of the USER32 Lib for Microsoft Windows allows remote attackers to execute arbitrary code via a .BMP, .CUR, .ICO or .ANI file with a large image size field.
You can force vulnerable clients to connect to the web server automatically by using this module to send them a specially designed e-mail to exploit this vulnerability by open it with Outlook or Outlook Express.
When the victim reads the HTML message a .ANI file is requested to the exploit's web server. If the system is vulnerable an agent is installed exploiting a buffer overflow in the function that parses such file.
You can force vulnerable clients to connect to the web server automatically by using this module to send them a specially designed e-mail to exploit this vulnerability by open it with Outlook or Outlook Express.
When the victim reads the HTML message a .ANI file is requested to the exploit's web server. If the system is vulnerable an agent is installed exploiting a buffer overflow in the function that parses such file.
CVE Link
Exploit Type - Old
Exploits/Client Side
Exploit Platform
Exploit Type
Product Name