Check Point Reference: | CPAI-2009-226 |
Date Published: | 13 Oct 2009 |
Severity: | High |
Last Updated: | Friday 16 October, 2009 |
Source: | Microsoft Security Bulletin MS09-056 |
Industry Reference: | CVE-2009-2510 |
Protection Provided by: | |
Who is Vulnerable? | Microsoft Windows 2000 SP4 Windows XP SP2 Windows XP SP3 Windows XP Professional x64 Edition SP2 Windows Server 2003 SP2 Windows Server 2003 x64 Edition SP2 Windows Server 2003 with SP2 (Itanium) Windows Vista Windows Vista SP1 Windows Vista SP2 Windows Vista x64 Edition Windows Vista x64 Edition SP1 Windows Vista x64 Edition SP2 Windows Server 2008 for 32-bit Systems Windows Server 2008 for 32-bit Systems SP2 Windows Server 2008 for x64-based Systems Windows Server 2008 for x64-based Systems SP2 Windows Server 2008 (Itanium) Windows Server 2008 (Itanium) SP2 Windows 7 for 32-bit Systems Windows 7 for x64-based Systems Windows Server 2008 R2 for x64-based Systems Windows Server 2008 R2 (Itanium) |
Vulnerability Description | A spoofing vulnerability has been reported in the Microsoft Windows CryptoAPI component when parsing ASN.1 information from X.509 certificates. The CryptoAPI provide services that enable application developers to add encryption/decryption of data, authentication using digital certificates, and encoding to and decoding from Abstract Syntax Notation One (ASN.1) to their Windows-based applications. A remote attacker who successfully exploited this vulnerability could impersonate another user or system. |
Update/Patch Avaliable | Apply patches: Microsoft Security Bulletin MS09-056 |
Vulnerability Details | The vulnerability is due to an error in the Windows CryptoAPI that incorrectly parses a null terminator as the end of any values identified by an Object Identifier (OID). This causes the CryptoAPI to only parse part of the actual value. When this partial value has meaning to the end user, this may lead to a situation where an attacker could impersonate another user or system. |