Microsoft Windows XP - GDI+ '.ICO' File Remote Denial of Service

Author: Dennis Rand
type: dos
platform: windows
date_added: 2007-06-06  
date_updated: 2013-12-10  
verified: 1  
codes: CVE-2007-2237;OSVDB-38494  

raw file: 30160.txt  
source: https://www.securityfocus.com/bid/24346/info

Microsoft Windows is prone to a remote denial-of-service vulnerability because it fails to properly handle maliciously crafted ICO files.

An attacker may exploit this issue by enticing victims into opening a malicious file.

Successful exploits result in denial-of-service conditions in applications that use the affected library (GDI+). Applications such as Windows Explorer and Picture and Fax Viewer have been identified as vulnerable.

https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/30160.ico.zip