SECURITY UPDATE - ASN.1 Vulnerability [MS04-007]
2 posts
• Page 1 of 1
SECURITY UPDATE - ASN.1 Vulnerability [MS04-007]
SECURITY UPDATE
ASN.1 Vulnerability Could Allow Code Execution
11 February 2004
Severity Rating: Critical
Risk Impact:
Remote code execution
Affected Software:
Microsoft Windows XP (XP, XP 64-bit edition and XP 64-bit edition 2003), Windows 2000, Windows NT (Workstation 4.0, Server 4.0 and Server 4.0 Terminal Server Edition) and Windows Server 2003 (2003 and 64-bit edition).
Details:
This vulnerability is caused by unchecked buffer in Microsoft ASN.1 Library which results in buffer overflow. An attacker which exploit this vulnerability could execute code with system privileges on an affected system. The attacker can take any action on the system, including installing programs, viewing data, changing data, deleting data and creating new accounts with full privileges. This vulnerability could also be exploited by an internet worm, including the recent Blast worm (also known as MSBlast).
Patch Availability:
http://www.microsoft.com/technet/
Please visit this page and select the correct version of Windows for the security patch.
Please visit the source for details of patches.
Microsoft Security Bulletin MS04-007, Sophos and eEye Digital Security.
- ODiaz86
- Posts: 510
- Joined: Wed Jun 26, 2002 3:33 pm
- Location: Millville, New Jersey - USA
- Real Name: Omar Diaz
You can also go here for more info: Click Here
- MinusDriver
- Posts: 813
- Joined: Thu Jan 08, 2004 9:47 pm
- Location: Atlanta, GA
- Real Name: Michael
2 posts
• Page 1 of 1
Who is online
Users browsing this forum: No registered users and 3 guests