Windows Animated Cursor (ANI) Vulnerability

Windows Animated Cursor (ANI) Vulnerability

CVE-2004-1305 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:N/A:P

The Windows Animated Cursor (ANI) capability in Windows NT, Windows 2000 through SP4, Windows XP through SP1, and Windows 2003 allow remote attackers to cause a denial of service via (1) the frame number set to zero, which causes an invalid memory address to be used and leads to a kernel crash, or (2) the rate number set to zero, which leads to resource exhaustion and hang.

Learn more about our Web Application Penetration Testing UK.