vendor: Windows
by: Unknown
CVSS: 7.5 HIGH
Denial-of-Service
CWE: 20
Product Name: Windows
Affected Version From: Unknown
Affected Version To: Unknown
Patch Exists: NO
Related CWE:
CPE: o:microsoft:windows
Platforms Tested: Windows
Unknown
Remote Denial-of-Service Vulnerability in Microsoft Windows
Microsoft Windows fails to handle maliciously crafted ICO files correctly. An attacker can exploit this vulnerability by tricking a user into opening a malicious file. Successful exploitation leads to a denial-of-service condition in applications that use the affected library. Vulnerable applications include Windows Explorer and Picture and Fax Viewer.
Mitigation:
It is recommended to avoid opening files from untrusted sources. Keeping the system and applications up to date with the latest patches and security updates will also help mitigate the risk of exploitation.