Multiple integer overflows in Microsoft ASN.1 library (MSASN1.DLL), as used in LSASS.EXE, CRYPT32.DLL, and other Microsoft executables and libraries on Windows NT 4.0, 2000, and XP, allow remote attackers to execute arbitrary code via ASN.1 BER encodings with (1) very large length fields that cause arbitrary heap data to be overwritten, or (2) modified bit strings.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2004-02-11T05:00:00
Updated: 2024-08-08T02:05:12.559Z
Reserved: 2003-09-18T00:00:00
Link: CVE-2003-0818
Vulnrichment
No data.
NVD
Status : Modified
Published: 2004-03-03T05:00:00.000
Modified: 2024-11-20T23:45:35.480
Link: CVE-2003-0818
Redhat
No data.