Attack Report

Global Microsoft Windows ASN.1 Library buffer overflow attempt

Background

Description

Microsoft Windows ASN.1 Library buffer overflow attempt

Vulnerabilities

CVE-2003-0818
Age: 3783 days Severity: High CVSS Score: 7.5

Multiple integer overflows in Microsoft ASN.1 library (MSASN1.DLL), as used in LSASS.EXE, CRYPT32.DLL, and other Microsoft executables and libraries on Windows NT 4.0, 2000, and XP, allow remote attackers to execute arbitrary code via ASN.1 BER encodings with (1) very large length fields that cause arbitrary heap data to be overwritten, or (2) modified bit strings.