Microsoft Windows ASN.1 Library Bit String Processing Variant Heap Corruption Vulnerability

Microsoft Windows ASN.1 Library Bit String Processing Variant Heap Corruption Vulnerability

References:

kill-bill (Solar Eclipse)
Microsoft ASN.1 Library Bit String Heap Corruption (eEye Digital Security)
Microsoft Security Bulletin MS04-007 (Microsoft)
VU#583108 - Microsoft ASN.1 Library improperly decodes constructed bit strings (CERT/CC)
ASN.1 vulnerability -is- on Win98 ("Joshua Levitsky" )

Privacy Statement
Copyright 2010, SecurityFocus