[Dshield] New MS vulnerabilitity

Jon R. Kibler Jon.Kibler at aset.com
Wed Feb 11 00:17:33 GMT 2004


Hi,

Not an MS expert -- and don't really keep track of all of the latest MS problems, but
I don't recall hearing anyone discuss this one before now:
	http://www.us-cert.gov/cas/techalerts/TA04-041A.html

Quoting from above document:
>    Multiple integer overflow vulnerabilities in the Microsoft Windows
>    ASN.1 parser library could allow an unauthenticated, remote attacker
>    to execute arbitrary code with SYSTEM privileges.
> 
> Description
> 
>    Microsoft Security Bulletin MS04-007 announces a patch for multiple
>    vulnerabilities in the Microsoft Windows ASN.1 library
>    (msasn1.dll).  According to information from eEye Digital Security,
>    the vulnerabilities involve integer overflows and other flaws in
>    integer arithmetic. 

--
Jon R. Kibler
Chief Technical Officer
A.S.E.T., Inc.
Charleston, SC  USA
(843) 849-8214




==================================================
Filtered by: TRUSTEM.COM's Email Filtering Service
http://www.trustem.com/
No Spam. No Viruses. Just Good Clean Email.



More information about the list mailing list