[Dshield] New MS vulnerabilitity

Jon R. Kibler Jon.Kibler at aset.com
Wed Feb 11 00:17:33 GMT 2004


Not an MS expert -- and don't really keep track of all of the latest MS problems, but
I don't recall hearing anyone discuss this one before now:

Quoting from above document:
>    Multiple integer overflow vulnerabilities in the Microsoft Windows
>    ASN.1 parser library could allow an unauthenticated, remote attacker
>    to execute arbitrary code with SYSTEM privileges.
> Description
>    Microsoft Security Bulletin MS04-007 announces a patch for multiple
>    vulnerabilities in the Microsoft Windows ASN.1 library
>    (msasn1.dll).  According to information from eEye Digital Security,
>    the vulnerabilities involve integer overflows and other flaws in
>    integer arithmetic. 

Jon R. Kibler
Chief Technical Officer
A.S.E.T., Inc.
Charleston, SC  USA
(843) 849-8214

Filtered by: TRUSTEM.COM's Email Filtering Service
No Spam. No Viruses. Just Good Clean Email.

More information about the list mailing list