Intrusion Prevention

MS.ASN.1.Library.Bitstring.Heap.Overflow

Description

This indicates a possible attempt to exploit a vulnerability in the Microsoft Abstract Syntax Notation (ASN.1) library.
The vulnerability is due to an unchecked buffer in the Microsoft ASN.1 Library that may allow an attacker to cause a buffer overflow. A successful exploit of this vulnerability could cause a denial of service or allow execution of arbitrary code. The library is used by Microsoft executables and libraries such as LSASS.EXE and CRYPT32.DLL.

Affected Products

Microsoft Windows NT Workstation 4.0 SP6a
Microsoft Windows NT Server 4.0 SP6a
Microsoft Windows NT Server 4.0 Terminal Server Edition SP6a
Microsoft Windows 2000 SP2 - SP4
Microsoft Windows XP
Microsoft Windows XP SP1
Microsoft Windows XP 64-Bit Edition
Microsoft Windows XP 64-Bit Edition SP1
Microsoft Windows XP 64-Bit Edition Version 2003
Microsoft Windows XP 64-Bit Edition Version 2003 SP1
Microsoft Windows Server 2003
Microsoft Windows Server 2003 64-Bit Edition

Impact

Denial of service
System compromise: Arbitrary code execution

Recommended Actions

Apply the patch found in the Microsoft Security Bulletin MS04-007:
http://www.microsoft.com/technet/security/Bulletin/MS04-007.mspx

CVE References

CVE-2003-0818