Intrusion Prevention

MS.Windows.ASN.1.Bitstring.Heap.Overflow

Description

This indicates an attack attempt against a vulnerability in the Microsoft ASN.1 library.
The vulnerability is in MSASN1.DLL, which is part of the ASN.1 library. It is due to the software's inabiity to properly handle nested constructed bit strings. It may allow remote attackers to execute arbitrary code via specially crafted ASN.1 BER encodings.

Affected Products

Microsoft, Windows NT, Workstation 4.0 SP6a
Microsoft, Windows 2000, Service Pack 2
Microsoft, Windows 2000, Service Pack 3
Microsoft, Windows 2000, Service Pack 4, FR
Microsoft, Windows XP, Gold
Microsoft, Windows XP, Service Pack 1, Tablet PC
Microsoft, Windows XP, 64-bit
Microsoft, Windows XP, 64-bit, Service Pack 1
Microsoft, Windows XP, 64-bit Version 2003, Service Pack 1
Microsoft, Windows Server 2003, Release 2
Microsoft, Windows Server 2003, 64-bit
Microsoft, Windows NT, Server 4.0 SP6a
Microsoft, Windows NT, Terminal Server 4.0 SP6

Impact

System compromise: Remote code execution.

Recommended Actions

Apply corresponding patches.
Microsoft Windows 2000 Server SP2:
* Microsoft Security Update for Windows 2000: KB828028
http://www.microsoft.com/downloads/details.aspx?FamilyId=191853C4-A4D2 -4797-A8C6-A2E663A53698&displaylang=en
Microsoft Windows 2000 Advanced Server SP2:
* Microsoft Security Update for Windows 2000: KB828028
http://www.microsoft.com/downloads/details.aspx?FamilyId=191853C4-A4D2 -4797-A8C6-A2E663A53698&displaylang=en
Microsoft Windows Server 2003 Enterprise Edition Itanium 0:
* Microsoft Security Upd for Windows Server 2003 64-bit Edition/Windows XP 64-bit Edition Version 2003:KB828028
http://www.microsoft.com/downloads/details.aspx?FamilyId=FA280168-66E1 -4B5F-958F-E178C3F61F7C&displaylang=en
Microsoft Windows Server 2003 Standard Edition:
* Microsoft Security Update for Windows Server 2003: KB828028
http://www.microsoft.com/downloads/details.aspx?FamilyId=3D7FFFF9-A497 -42FF-90E7-283732B2E117&displaylang=en
Microsoft Windows XP Professional:
* Microsoft Security Update for Windows XP: KB828028
http://www.microsoft.com/downloads/details.aspx?FamilyId=0CC30297-D4AE -48E9-ACD0-1343D89CCBBA&displaylang=en
Microsoft Windows Server 2003 Datacenter Edition Itanium 0:
* Microsoft Security Upd for Windows Server 2003 64-bit Edition/Windows XP 64-bit Edition Version 2003:KB828028
http://www.microsoft.com/downloads/details.aspx?FamilyId=FA280168-66E1 -4B5F-958F-E178C3F61F7C&displaylang=en
Microsoft Windows XP 64-bit Edition SP1:
* Microsoft Security Update for Windows XP 64-Bit Edition: KB828028
http://www.microsoft.com/downloads/details.aspx?FamilyId=383C397F-9318 -4AD5-9C2C-0577118A1E68&displaylang=en
Microsoft Windows Server 2003 Datacenter Edition:
* Microsoft Security Update for Windows Server 2003: KB828028
http://www.microsoft.com/downloads/details.aspx?FamilyId=3D7FFFF9-A497 -42FF-90E7-283732B2E117&displaylang=en
Microsoft Windows 2000 Advanced Server SP4:
* Microsoft Security Update for Windows 2000: KB828028
http://www.microsoft.com/downloads/details.aspx?FamilyId=191853C4-A4D2 -4797-A8C6-A2E663A53698&displaylang=en
Microsoft Windows 2000 Professional SP3:
* Microsoft Security Update for Windows 2000: KB828028
http://www.microsoft.com/downloads/details.aspx?FamilyId=191853C4-A4D2 -4797-A8C6-A2E663A53698&displaylang=en
Microsoft Windows Server 2003 Enterprise Edition:
* Microsoft Security Update for Windows Server 2003: KB828028
http://www.microsoft.com/downloads/details.aspx?FamilyId=3D7FFFF9-A497 -42FF-90E7-283732B2E117&displaylang=en
Microsoft Windows 2000 Professional SP2:
* Microsoft Security Update for Windows 2000: KB828028
http://www.microsoft.com/downloads/details.aspx?FamilyId=191853C4-A4D2 -4797-A8C6-A2E663A53698&displaylang=en
Microsoft Windows Server 2003 Web Edition:
* Microsoft Security Update for Windows Server 2003: KB828028
http://www.microsoft.com/downloads/details.aspx?FamilyId=3D7FFFF9-A497 -42FF-90E7-283732B2E117&displaylang=en
Microsoft Windows 2000 Advanced Server SP3:
* Microsoft Security Update for Windows 2000: KB828028
http://www.microsoft.com/downloads/details.aspx?FamilyId=191853C4-A4D2 -4797-A8C6-A2E663A53698&displaylang=en
Microsoft Windows XP Home:
* Microsoft Security Update for Windows XP: KB828028
http://www.microsoft.com/downloads/details.aspx?FamilyId=0CC30297-D4AE -48E9-ACD0-1343D89CCBBA&displaylang=en
Microsoft Windows XP Home SP1:
* Microsoft Security Update for Windows XP: KB828028
http://www.microsoft.com/downloads/details.aspx?FamilyId=0CC30297-D4AE -48E9-ACD0-1343D89CCBBA&displaylang=en
Microsoft Windows XP 64-bit Edition Version 2003 SP1:
* Microsoft Security Upd for Windows Server 2003 64-bit Edition/Windows XP 64-bit Edition Version 2003:KB828028
http://www.microsoft.com/downloads/details.aspx?FamilyId=FA280168-66E1 -4B5F-958F-E178C3F61F7C&displaylang=en
Microsoft Windows 2000 Server SP3:
* Microsoft Security Update for Windows 2000: KB828028
http://www.microsoft.com/downloads/details.aspx?FamilyId=191853C4-A4D2 -4797-A8C6-A2E663A53698&displaylang=en
Microsoft Windows XP 64-bit Edition Version 2003:
* Microsoft Security Upd for Windows Server 2003 64-bit Edition/Windows XP 64-bit Edition Version 2003:KB828028
http://www.microsoft.com/downloads/details.aspx?FamilyId=FA280168-66E1 -4B5F-958F-E178C3F61F7C&displaylang=en
Microsoft Windows XP 64-bit Edition:
* Microsoft Security Update for Windows XP 64-Bit Edition: KB828028
http://www.microsoft.com/downloads/details.aspx?FamilyId=383C397F-9318 -4AD5-9C2C-0577118A1E68&displaylang=en
Microsoft Windows NT Server 4.0 SP6a:
* Microsoft Security Update for Windows NT Server 4.0: KB828028
http://www.microsoft.com/downloads/details.aspx?FamilyId=E8315430-90CD -4B20-8F54-58527932B588&displaylang=en
Microsoft Windows NT Terminal Server 4.0 SP6:
* Microsoft Security Update for Windows NT Server Terminal Server Edition: KB828028
http://www.microsoft.com/downloads/details.aspx?FamilyId=D83B39D3-FF13 -4D0B-B406-A225AED0D659&displaylang=en
Microsoft Windows NT Workstation 4.0 SP6a:
* Microsoft Security Update for Windows NT Workstation 4.0: KB828028
http://www.microsoft.com/downloads/details.aspx?FamilyId=92400199-B3D5 -4826-98D4-F134849F5249&displaylang=en

Coverage

IPS (Regular DB)
IPS (Extended DB)

ID	15609
Created	May 20, 2008
Updated	Nov 09, 2021
Risk
CVE ID	CVE-2005-1935
Exploit Prediction Score	83.01%
Default Action	drop
Active
Affected OS	Windows
Affected App	Other

Protect

Detect

Respond

Recover

Identify

Network Security

Endpoint Security

Application Security

Security Operations

Intrusion Prevention

MS.Windows.ASN.1.Bitstring.Heap.Overflow

Description

Affected Products

Impact

Recommended Actions

Telemetry

Coverage

News/Research

Research Center

PSIRT Center

Services

By Outbreak

By Solution

By Product

Protect

Detect

Respond

Recover

Identify

Network Security

Endpoint Security

Application Security

Security Operations

Threat Intelligence Center

Resource Center

About

FortiGuard Labs

Partners

Intrusion Prevention

MS.Windows.ASN.1.Bitstring.Heap.Overflow

Description

Affected Products

Impact

Recommended Actions

Telemetry

Coverage

Threat Intelligence
Center