Oval Definition:	oval:org.mitre.oval:def:2956
Revision Date: 2011-05-16 Version: 47 Title: LoadImage Cursor and Icon Format Handling Vulnerability (XP) Description: Integer overflow in the LoadImage API of the USER32 Lib for Microsoft Windows allows remote attackers to execute arbitrary code via a .bmp, .cur, .ico or .ani file with a large image size field, which leads to a buffer overflow, aka the "Cursor and Icon Format Handling Vulnerability." Family: windows Class: vulnerability Status: ACCEPTED Reference(s): CVE-2004-1049 Platform(s): Microsoft Windows XP Product(s): Cursor and Icon Formatting Definition Synopsis Windows XP SP1 OR Windows XP 64-bit SP1 is installed Windows XP 32-bit SP1 is installed Windows XP 32-bit edition is installed Windows XP is installed AND 32-Bit version of Windows is installed AND Win2K/XP/2003/Vista service pack 1 is installed OR Windows XP 64-bit with Service Pack 1 Windows XP is installed AND a version of Windows for the ia64 architecture is installed AND Win2K/XP/2003/Vista service pack 1 is installed AND the version of user32.dll is less than 5.1.2600.1617 AND NOT the patch kb891711 is installed
BACK