NVD

Id
71441  
Name
CVE-2004-1049  
Description
Integer overflow in the LoadImage API of the USER32 Lib for Microsoft Windows allows remote attackers to execute arbitrary code via a .bmp, .cur, .ico or .ani file with a large image size field, which leads to a buffer overflow, aka the "Cursor and Icon Format Handling Vulnerability."  
Reject
 
CVSS Version
2  
CVSS Score
5.1  
Severity
Medium  
CVSS Base Score
5.1  
CVSS Impact Subscore
6.4  
CVSS Exploit Subscore
4.9  
CVSS Vector
(AV:N/AC:H/Au:N/C:P/I:P/A:P)  
Pub Date
2017-07-18  
Published
2004-12-31  
Modified Date
2017-07-10  
Seq
2004-1049  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
369413 71441 CVE-2004-1049 20041223 Microsoft Windows LoadImage API Integer Buffer overflow  View
369414 71441 CVE-2004-1049 oval:org.mitre.oval:def:2956  View
369415 71441 CVE-2004-1049 oval:org.mitre.oval:def:3097  View
369416 71441 CVE-2004-1049 oval:org.mitre.oval:def:3220  View
369417 71441 CVE-2004-1049 oval:org.mitre.oval:def:3355  View
369418 71441 CVE-2004-1049 oval:org.mitre.oval:def:4671  View
369419 71441 CVE-2004-1049 1012684  View
369420 71441 CVE-2004-1049 P-094  View
369421 71441 CVE-2004-1049 VU#625856  View
369422 71441 CVE-2004-1049 MS05-002  View
369423 71441 CVE-2004-1049 12095  View
369424 71441 CVE-2004-1049 TA05-012A  View
369425 71441 CVE-2004-1049 http://www.xfocus.net/flashsky/icoExp/index.html  View
369426 71441 CVE-2004-1049 win-loadimage-bo(18668)  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
63224 JVNDB-2004-000566 Microsoft Windows User32.dll の LoadImage() API における整数オーバーフローの脆弱性 Microsoft Windows の User32.dll に実装されている LoadImage() API には、イメージ・ファイル内に記述されているファイルサイズをチェックしないため、整数オーバーフローが発生する脆弱性が存在します。 CVE-2004-1049 9476 CVE-2004-1049 71441 5.1 http://jvndb.jvn.jp/ja/contents/2004/JVNDB-2004-000566.html 2004-12-20 2007-04-01 View