Microsoft Windows Cursor And Icon ANI Format Handling Remote Buffer Overflow Vulnerability

Microsoft Windows Cursor And Icon ANI Format Handling Remote Buffer Overflow Vulnerability

References:

Re: 0-day ANI vulnerability in Microsoft Windows (CVE-2007-0038) (Alex Sotirov)
Cursors and Icons and Exploitsâ??Oh My! (Symantec )
Exploiting the ANI vulnerability on Vista (skape)
Latest on security update for Microsoft Security Advisory 935423 (Microsoft)
Microsoft Security Advisory 935423 Posted (Microsoft Security Response Center)
Microsoft Windows Homepage (Microsoft)
New updates for Microsoft Knowledge Base Article 925902 (Microsoft)
Nortel Security Advisory 2007007892, Rev 1 (Nortel)
Stack buffer overflow in ANI Handling under Microsoft Windows 0Day (ZERT)
Unpatched Drive-By Exploit Found On The Web (Craig Schmugar - McAfee Avert Labs)
0-day ANI vulnerability in Microsoft Windows (CVE-2007-0038) (Alexander Sotirov )
ANI Zeroday, Third Party Patch ("Marc Maiffret" )
More information on ZERT patch for ANI 0day (Gadi Evron )
MS announces out-of-band patch for ANI 0day (Gadi Evron)
Windows .ANI Stack Overflow Exploit (devcode)
Windows XP/Vista (.ANI) Remote Exploit (bypass eeye patch) (jamikazu@gmail.com)
2007007883: Centrex IP Client Manager (CICM) response to Microsoft MS07-017 secu (Nortel Networks)
ASA-2007-140 MS07-17 Vulnerabilities in GDI Could Allow Remote Code Execution (9 (Avaya)
EEYEZD-20070328 Windows .ANI Processing (eEye Digital Security)
Microsoft Security Advisory (935423) Vulnerability in Windows Animated Cursor Ha (Microsoft)
Microsoft Security Bulletin MS07-017 (Microsoft)
Technical Cyber Security Alert TA07-089A (US-CERT)
Vulnerability Note VU#191609 - Microsoft Windows fails to properly handle animat (US-CERT)
Vulnerability Summary CVE-2007-1765 (NIST)