Intrusion Prevention



This indicates an attempt to exploit a buffer overflow vulnerability in Microsoft's Abstract Syntax Notation One (ASN.1) Library.
The vulnerability is due to unchecked buffers in Microsoft's ASN.1 Library. A remote attacker can exploit them to launch a Denial of Service (DoS) attack on a target system, by sending a malformed NETBIOS message to TCP port 139 or 445.

Affected Products

Any unprotected Windows (Windows NT, 2000, XP, 2003) system is vulnerable to the attack.


Denial of Service.
System compromise: arbitrary code execution.

Recommended Actions

Apply appropriate patches or upgrade the system to the latest non-vulnerable version.