Vulnerability Note VU#255924
Microsoft Windows ASN.1 library contains a memory management vulnerability
Microsoft's ASN.1 library contains a memory management error that could be exploited by a remote attacker to cause a denial-of-service situation, or execute arbitrary code.
Microsoft's ASN.1 library contains a memory management error, potentially a "double-free" condition. By sending a crafted request, an attacker may be able to exploit this vulnerability to corrupt memory or execute arbitrary code. This vulnerability affects the following systems:
Exploitation of this vulnerability may lead to a denial-of-service condition, or the ability to execute arbitrary code.
Apply a patch from the vendor
Systems Affected (Learn More)
|Vendor||Status||Date Notified||Date Updated|
|Microsoft Corporation||Affected||-||14 Apr 2004|
CVSS Metrics (Learn More)
Thanks to Microsoft for reporting this vulnerability.
This document was written by Jason A Rafail.
- CVE IDs: CAN-2004-0123
- Date Public: 13 Apr 2004
- Date First Published: 14 Apr 2004
- Date Last Updated: 14 Apr 2004
- Severity Metric: 48.55
- Document Revision: 2
If you have feedback, comments, or additional information about this vulnerability, please send us email.