CVE Vulnerabilities

CVE-2003-0818

Published: Mar 03, 2004 | Modified: Apr 30, 2019
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

Multiple integer overflows in Microsoft ASN.1 library (MSASN1.DLL), as used in LSASS.EXE, CRYPT32.DLL, and other Microsoft executables and libraries on Windows NT 4.0, 2000, and XP, allow remote attackers to execute arbitrary code via ASN.1 BER encodings with (1) very large length fields that cause arbitrary heap data to be overwritten, or (2) modified bit strings.

Affected Software

Name Vendor Start Version End Version
Windows_nt Microsoft 4.0 4.0
Windows_xp Microsoft * *
Windows_2003_server Microsoft web web
Windows_2003_server Microsoft enterprise enterprise
Windows_nt Microsoft 4.0 4.0
Windows_2003_server Microsoft enterprise_64-bit enterprise_64-bit
Windows_xp Microsoft * *
Windows_2000 Microsoft * *
Windows_nt Microsoft 4.0 4.0
Windows_nt Microsoft 4.0 4.0
Windows_nt Microsoft 4.0 4.0
Windows_xp Microsoft * *
Windows_nt Microsoft 4.0 4.0
Windows_nt Microsoft 4.0 4.0
Windows_nt Microsoft 4.0 4.0
Windows_nt Microsoft 4.0 4.0
Windows_nt Microsoft 4.0 4.0
Windows_2000 Microsoft * *
Windows_nt Microsoft 4.0 4.0
Windows_nt Microsoft 4.0 4.0
Windows_nt Microsoft 4.0 4.0
Windows_2000 Microsoft * *
Windows_2003_server Microsoft r2 r2
Windows_nt Microsoft 4.0 4.0
Windows_nt Microsoft 4.0 4.0
Windows_nt Microsoft 4.0 4.0
Windows_xp Microsoft * *
Windows_2000 Microsoft * *
Windows_nt Microsoft 4.0 4.0
Windows_nt Microsoft 4.0 4.0
Windows_nt Microsoft 4.0 4.0
Windows_2003_server Microsoft r2 r2
Windows_nt Microsoft 4.0 4.0
Windows_nt Microsoft 4.0 4.0
Windows_nt Microsoft 4.0 4.0
Windows_xp Microsoft * *
Windows_2003_server Microsoft standard standard
Windows_nt Microsoft 4.0 4.0

References