CVE-2003-0818

Loading...

General

Score:7.5/10.0
Severity:High
Category:N/A
Exploit:Available

Impact Metrics

Confidentiality:Partial
Integrity:Partial
Availability:Partial

Exploitability Metrics

Access Vector:Network
Access Complexity:Low
Authentication:None

Published on 03/03/04 - Updated on 11/10/17

Description

Multiple integer overflows in Microsoft ASN.1 library (MSASN1.DLL), as used in LSASS.EXE, CRYPT32.DLL, and other Microsoft executables and libraries on Windows NT 4.0, 2000, and XP, allow remote attackers to execute arbitrary code via ASN.1 BER encodings with (1) very large length fields that cause arbitrary heap data to be overwritten, or (2) modified bit strings.

Category:

There is insufficient information about the issue to classify it; details are unknown or unspecified.

Security Notices

US National Vulnerability DatabaseCVE-2003-0818

Exploits

Exploit-DBEDB-153, EDB-16377, EDB-3022
SecurityFocusBID-9633

Relative technologies

VendorProduct
microsoftwindows_2000
microsoftwindows_2003_server
microsoftwindows_nt
microsoftwindows_xp

Share this vulnerability with:

Twitter Facebook LinkedIn Mail