Back to search
CVE-2003-0818
Published: Feb 11, 2004
Modified: Aug 8, 2024
PUBLISHED
Description
Multiple integer overflows in Microsoft ASN.1 library (MSASN1.DLL), as used in LSASS.EXE, CRYPT32.DLL, and other Microsoft executables and libraries on Windows NT 4.0, 2000, and XP, allow remote attackers to execute arbitrary code via ASN.1 BER encodings with (1) very large length fields that cause arbitrary heap data to be overwritten, or (2) modified bit strings.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
VU#583108
third-party-advisory
x_refsource_CERT-VN
TA04-041A
third-party-advisory
x_refsource_CERT
oval:org.mitre.oval:def:653
vdb-entry
signature
x_refsource_OVAL
20040210 EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption
mailing-list
x_refsource_BUGTRAQ
20040210 EEYE: Microsoft ASN.1 Library Bit String Heap Corruption
mailing-list
x_refsource_BUGTRAQ
oval:org.mitre.oval:def:799
vdb-entry
signature
x_refsource_OVAL
oval:org.mitre.oval:def:796
vdb-entry
signature
x_refsource_OVAL
VU#216324
third-party-advisory
x_refsource_CERT-VN
MS04-007
vendor-advisory
x_refsource_MS
20040210 EEYE: Microsoft ASN.1 Library Bit String Heap Corruption
mailing-list
x_refsource_NTBUGTRAQ
20040210 EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption
mailing-list
x_refsource_NTBUGTRAQ
oval:org.mitre.oval:def:797
vdb-entry
signature
x_refsource_OVAL
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now