Strix
26.1K

CVE-2004-1049

UnknownEPSS 29.74%

Last modified

CVE-2004-1049 is a vulnerability of currently unknown severity. Integer overflow in the LoadImage API of the USER32 Lib for Microsoft Windows allows remote attackers to execute arbitrary code via a .bmp, .cur, .ico or .ani file with a large image size field, which leads to a buffer overflow, aka the "Cursor and Icon Format Handling Vulnerability.". EPSS estimates a 29.74% chance of exploitation in the next 30 days.

Description

Integer overflow in the LoadImage API of the USER32 Lib for Microsoft Windows allows remote attackers to execute arbitrary code via a .bmp, .cur, .ico or .ani file with a large image size field, which leads to a buffer overflow, aka the "Cursor and Icon Format Handling Vulnerability."

Metrics

EPSS Probability
29.74%

98.0th percentile

Probability of exploitation in the next 30 days. Learn more

Affected Software

VendorProductVersionsUpdate
MicrosoftWindows 2000All versions
MicrosoftWindows 2003 Serverr2
MicrosoftWindows NtAll versions
MicrosoftWindows XpAll versionsGold

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2004-1049?
Integer overflow in the LoadImage API of the USER32 Lib for Microsoft Windows allows remote attackers to execute arbitrary code via a .bmp, .cur, .ico or .ani file with a large image size field, which leads to a buffer overflow, aka the "Cursor and Icon Format Handling Vulnerability."
How severe is CVE-2004-1049?
Severity scoring for CVE-2004-1049 is pending analysis. The EPSS model estimates a 29.74% probability of exploitation in the next 30 days.
How do I fix CVE-2004-1049?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2004-1049?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST