.ANI (RIFF Cursors) 2007 universal exploit generator

vendor:

Internet Explorer

by:

Yag Kohha

7.5

CVSS

HIGH

Remote Code Execution

CWE

Product Name: Internet Explorer

Affected Version From: Internet Explorer 6.x-7.x

Affected Version To: Internet Explorer 6.x-7.x

Patch Exists: YES

Related CWE: CVE-2007-0038

CPE: a:microsoft:internet_explorer

Metasploit: https://www.rapid7.com/db/vulnerabilities/linuxrpm-ELSA-2008-0038/

Other Scripts:

Platforms Tested: Windows XP SP2, Windows Vista

2007

.ANI (RIFF Cursors) 2007 universal exploit generator

This exploit allows an attacker to execute arbitrary code on a target system by exploiting a vulnerability in the way Microsoft Internet Explorer handles .ANI (RIFF Cursors) files. It was tested on MS Internet Explorer 6.x-7.x on Windows XP SP2 and Windows Vista.

Mitigation:

Apply the latest security updates from Microsoft to patch the vulnerability. Disable the loading of .ANI files in Internet Explorer.

Source

Exploit-DB raw data:

#--------------------------------------------------------------------------------
# Info: .ANI (RIFF Cursors) 2007 universal exploit generator
# Tested on MS Internet Explorer 6.x-7.x, Windows XP SP2, Windows Vista
# Author: Yag Kohha <skyhole [at] gmail.com>
# 10x`n`Gr33tz 2:
# Jamikazu, Skylined (pretty good t-short on BH07 Europe - L00k like skylined, skylined, skylined)
# H.D. Moor and metasploit project
# Kumar Brothers (tnx for Vista patch live show at BH07 Europe), 
# Alexander Sotirov (tnx for "Heap Feng Shui" live show at BH07 Europe), str0ke
# Microsoft for great coding and Amsterdam (BH07 Europe) party
#--------------------------------------------------------------------------------

https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/3651.tar.gz (04032007-ie_ani.tar.gz)

# milw0rm.com [2007-04-03]