VYPR
Unrated severityNVD Advisory· Published Mar 3, 2004· Updated Jun 16, 2026

CVE-2003-0818

CVE-2003-0818

Description

Multiple integer overflows in Microsoft ASN.1 library (MSASN1.DLL), as used in LSASS.EXE, CRYPT32.DLL, and other Microsoft executables and libraries on Windows NT 4.0, 2000, and XP, allow remote attackers to execute arbitrary code via ASN.1 BER encodings with (1) very large length fields that cause arbitrary heap data to be overwritten, or (2) modified bit strings.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

39
  • cpe:2.3:o:microsoft:windows_2000:*:*:*:*:*:*:*:*+ 3 more
    • cpe:2.3:o:microsoft:windows_2000:*:*:*:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_2000:*:sp1:*:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_2000:*:sp2:*:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_2000:*:sp3:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_2003_server:enterprise:*:64-bit:*:*:*:*:*+ 5 more
    • cpe:2.3:o:microsoft:windows_2003_server:enterprise:*:64-bit:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_2003_server:enterprise_64-bit:*:*:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_2003_server:r2:*:64-bit:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_2003_server:r2:*:datacenter_64-bit:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_2003_server:standard:*:64-bit:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_2003_server:web:*:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_nt:4.0:*:server:*:*:*:*:*+ 22 more
    • cpe:2.3:o:microsoft:windows_nt:4.0:*:server:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_nt:4.0:sp1:server:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_nt:4.0:sp1:terminal_server:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_nt:4.0:sp1:workstation:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_nt:4.0:sp2:server:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_nt:4.0:sp2:terminal_server:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_nt:4.0:sp2:workstation:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_nt:4.0:sp3:server:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_nt:4.0:sp3:terminal_server:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_nt:4.0:sp3:workstation:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_nt:4.0:sp4:server:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_nt:4.0:sp4:terminal_server:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_nt:4.0:sp4:workstation:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_nt:4.0:sp5:server:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_nt:4.0:sp5:terminal_server:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_nt:4.0:sp5:workstation:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_nt:4.0:sp6a:server:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_nt:4.0:sp6a:workstation:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_nt:4.0:sp6:server:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_nt:4.0:sp6:terminal_server:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_nt:4.0:sp6:workstation:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_nt:4.0:*:terminal_server:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_nt:4.0:*:workstation:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_xp:*:*:64-bit:*:*:*:*:*+ 4 more
    • cpe:2.3:o:microsoft:windows_xp:*:*:64-bit:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_xp:*:gold:professional:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_xp:*:*:home:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_xp:*:sp1:64-bit:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_xp:*:sp1:home:*:*:*:*:*

Patches

Vulnerability mechanics

References

12

News mentions

0

No linked articles in our index yet.