Skip navigation
Menu
End-User Platforms>Windows 7/8

Arbitrary Remote Execution of Code in Microsoft Windows

Reported February 10, 2004, by Microsoft.

 

 

 

VERSIONS AFFECTED

 

·         Windows Server 2003

·         Windows XP

·         Windows 2000 Server

·         Windows NT Server 4.0 Terminal Server Edition (WTS)

·         Windows NT Server 4.0

DESCRIPTION

A vulnerability in Windows can result in the remote execution of arbitrary code on the vulnerable system with System privileges. The vulnerability, which is a result of an unchecked buffer in the Microsoft ASN.1 Library, could lead to a buffer overflow. An attacker could then take any action on the system, including installing programs, viewing data, changing data, deleting data, and creating new accounts with full privileges.

VENDOR RESPONSE

Microsoft has released security bulletin MS04-007, "ASN.1 Vulnerability Could Allow Code Execution (828028)," to address this vulnerability and recommends that affected users immediately apply the appropriate patch listed in the bulletin.

CREDIT

Discovered by eEye Digital Security.

TAGS: Security
Hide comments

More information about text formats

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish
Recommended Reading
PowerShell screenshot shows Where-Object cmdlet
How to Use the PowerShell Where-Object Cmdlet
Aug 04, 2022
shield_icon_laptop.jpg
What To Do When Windows Defender Is Not Working
Mar 15, 2022
Computer Screen Showing Password Dialog Box
Microsoft Edge Downloads Updated for Azure AD Sign-In & Sync
Aug 22, 2019
mktg-wp-nolabel5
How to Approach the Windows 7 to 10 Migration
Aug 01, 2019