oval:org.mitre.oval:def:799

Definition Id: oval:org.mitre.oval:def:799

Oval ID:	oval:org.mitre.oval:def:799
Title:	Windows Server 2003 ASN.1 Library Integer Overflow Vulnerabilities
Description:	Multiple integer overflows in Microsoft ASN.1 library (MSASN1.DLL), as used in LSASS.EXE, CRYPT32.DLL, and other Microsoft executables and libraries on Windows NT 4.0, 2000, and XP, allow remote attackers to execute arbitrary code via ASN.1 BER encodings with (1) very large length fields that cause arbitrary heap data to be overwritten, or (2) modified bit strings.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2003-0818	Version:	1
Platform(s):	Microsoft Windows Server 2003	Product(s):	Microsoft ASN.1 Library
Definition Synopsis:
Windows Server 2003 is installed AND the version of msasn1.dll is less than 5.2.3790.88 AND NOT the patch kb828028 is installed