TrendLabs Malware Blog
Glossary
TrendWatch
TrendLabs Twitter
EXPL_ANICMOO.GEN
Overview
Solution

Malware type: Exploit

Aliases: Downloader(Symantec), Troj/Animoo-E(Sophos), Trojan-Downloader.Win32.Ani.c(Kaspersky), EXP/Ani.Gen(Avira), CVE-2004-1305 (not disinfectable)(F-Prot), Exploit-ANIfile(McAfee)

In the wild: Yes

Destructive: No

Language: English

Platform: Windows 2000, XP, Server 2003

Encrypted: No

Overall risk rating:

Reported infections:

Damage potential:

 High

Distribution potential:

 Low

Description: 

This is the Trend Micro detection for the specially crafted cursor, animated cursor (.ANI), and icon formats that exploit a vulnerability in the way Windows handles these files. Successfully exploiting the said vulnerability can allow remote users to issue commands on the affected system.

More information about this vulnerability is found in this Web page:

TROJ_ANICMOO.AX exploits this vulnerability.

For additional information about this threat, see:
Solution
Technical Details

Description created: Apr. 1, 2007 7:14:29 PM GMT -0800

Search a new malware

Tell us how we did. Take our quick survey.