oval:org.mitre.oval:def:653

Definition Id: oval:org.mitre.oval:def:653

Oval ID:	oval:org.mitre.oval:def:653
Title:	Windows 2000 ASN.1 Library Integer Overflow Vulnerabilities
Description:	Multiple integer overflows in Microsoft ASN.1 library (MSASN1.DLL), as used in LSASS.EXE, CRYPT32.DLL, and other Microsoft executables and libraries on Windows NT 4.0, 2000, and XP, allow remote attackers to execute arbitrary code via ASN.1 BER encodings with (1) very large length fields that cause arbitrary heap data to be overwritten, or (2) modified bit strings.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2003-0818	Version:	1
Platform(s):	Microsoft Windows 2000	Product(s):	Microsoft ASN.1 Library
Definition Synopsis:
Windows 2000 is installed AND the version of msasn1.dll is less than 5.0.2195.6823 AND NOT the patch kb828028 is installed