PT-2004-1167 · Microsoft · Windows Nt 4.0+3

Derek Soeder

Publicado

2004-02-11

Atualizado

2019-04-30

CVE-2003-0818

CVSS v2.0

7.5

Alta

Vetor

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Windows NT 4.0 Windows 2000 Windows XP

Description The issue is related to multiple integer overflows in the Microsoft ASN.1 library, which can be exploited by remote attackers to execute arbitrary code. This is achieved through ASN.1 BER encodings with very large length fields, causing arbitrary heap data to be overwritten, or through modified bit strings.

Recommendations For Windows NT 4.0, apply the necessary patch to fix the integer overflows in the Microsoft ASN.1 library. For Windows 2000, apply the necessary patch to fix the integer overflows in the Microsoft ASN.1 library. For Windows XP, apply the necessary patch to fix the integer overflows in the Microsoft ASN.1 library.

Exploit

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2003-0818

Produtos afetados

Asn.1 Library

Windows 2000

Windows Nt 4.0

Windows Xp

PT-2004-1167 · Microsoft · Windows Nt 4.0+3

CVE-2003-0818

Identificadores relacionados

Produtos afetados

Referências · 17