Multiple Integer Overflows in Microsoft ASN.1 Library: Remote Code Execution Vulnerability

Multiple Integer Overflows in Microsoft ASN.1 Library: Remote Code Execution Vulnerability

CVE-2003-0818 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

Multiple integer overflows in Microsoft ASN.1 library (MSASN1.DLL), as used in LSASS.EXE, CRYPT32.DLL, and other Microsoft executables and libraries on Windows NT 4.0, 2000, and XP, allow remote attackers to execute arbitrary code via ASN.1 BER encodings with (1) very large length fields that cause arbitrary heap data to be overwritten, or (2) modified bit strings.

Learn more about our Web Application Penetration Testing UK.