Ravens PHP Scripts - Microsoft Windows Animated Cursor Handling Vulnerability

SECUNIA ADVISORY ID: SA24659

VERIFY ADVISORY: http://secunia.com/advisories/24659/

CRITICAL: Extremely critical

NOTE: The vulnerability is currently being actively exploited.

IMPACT: System access

WHERE: >From remote

DESCRIPTION: A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to compromise a user's system.

The vulnerability is caused due to an unspecified error in the handling of animated cursors and can e.g. be exploited by tricking a user into visiting a malicious website using Internet Explorer or opening a malicious e-mail message. Successful exploitation allows execution of arbitrary code.

OPERATING SYSTEM:

Microsoft Windows 2000 Datacenter Server - http://secunia.com/product/1177/
Microsoft Windows 2000 Advanced Server - http://secunia.com/product/21/
Microsoft Windows 2000 Professional - http://secunia.com/product/1/
Microsoft Windows 2000 Server - http://secunia.com/product/20/
Microsoft Windows XP Home Edition - http://secunia.com/product/16/
Microsoft Windows XP Professional - http://secunia.com/product/22/
Microsoft Windows Server 2003 Datacenter Edition - http://secunia.com/product/1175/
Microsoft Windows Server 2003 Enterprise Edition - http://secunia.com/product/1174/
Microsoft Windows Server 2003 Standard Edition - http://secunia.com/product/1173/
Microsoft Windows Server 2003 Web Edition - http://secunia.com/product/1176/
Microsoft Windows Storage Server 2003 - http://secunia.com/product/12399/
Microsoft Windows Vista - http://secunia.com/product/13223/

SOLUTION: Do not browse untrusted sites or view untrusted e-mails.

PROVIDED AND/OR DISCOVERED BY: Discovered as a 0-day.

ORIGINAL ADVISORY: Microsoft:
http://www.microsoft.com/technet/security/advisory/935423.mspx
http://blogs.technet.com/msrc/archive/2007/03/29/microsoft-security-advisory-935423-posted.aspx

OTHER REFERENCES: US-CERT VU#191609: http://www.kb.cert.org/vuls/id/191609