MS09-035

Executive Summary

Summary
Title	Vulnerabilities in Visual Studio Active Template Library Could Allow Remote Code Execution (969706)

Informations
Name	MS09-035	First vendor Publication	2009-07-28
Vendor	Microsoft	Last vendor Modification	2011-07-27
Severity (Vendor)	Moderate	Revision	3.1

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Cvss Base Score	10	Attack Range	Network
Cvss Impact Score	10	Attack Complexity	Low
Cvss Expoit Score	10	Authentification	None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Revision Note: V3.1 (July 27, 2011): Corrected the update verification information for Microsoft Visual C++ 2005 Service Pack 1 Redistributable Package, Microsoft Visual C++ 2008 Redistributable Package, and Microsoft Visual C++ 2008 Service Pack 1 Redistributable Package. Removed the registry key information in favor of product codes. This is an informational change only.

Summary: This security update addresses several privately reported vulnerabilities in the public versions of the Microsoft Active Template Library (ATL) included with Visual Studio. This security update is specifically intended for developers of components and controls. Developers who build and redistribute components and controls using ATL should install the update provided in this bulletin and follow the guidance provided to create, and distribute to their customers, components and controls that are not vulnerable to the vulnerabilities described in this security bulletin.

Original Source

Url : http://www.microsoft.com/technet/security/bulletin/MS09-035.mspx

CWE : Common Weakness Enumeration

id	Name
CWE-94	Failure to Control Generation of Code ('Code Injection')
CWE-264	Permissions, Privileges, and Access Controls
CWE-200	Information Exposure
CWE-119	Failure to Constrain Operations within the Bounds of a Memory Buffer
CWE-20	Improper Input Validation

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:7436

Oval ID:	oval:org.mitre.oval:def:7436
Title:	Microsoft Video ActiveX Control Vulnerability
Description:	Stack-based buffer overflow in the CComVariant::ReadFromStream function in the Active Template Library (ATL), as used in the MPEG2TuneRequest ActiveX control in msvidctl.dll in DirectShow, in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows remote attackers to execute arbitrary code via a crafted web page, as exploited in the wild in July 2009, aka "Microsoft Video ActiveX Control Vulnerability."
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2008-0015	Version:	9
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008	Product(s):	Microsoft Outlook Express Windows Media Player Windows ATL Component DHTML Editing Component ActiveX Control HtmlInput Object ActiveX Control
Definition Synopsis:
Microsoft Outlook Express 5.5 SP2 on Windows 2000 SP4 Microsoft Windows 2000 SP4 or later is installed AND Microsoft Outlook Express 5.5 SP2 is installed. AND the version of Msoe.dll is less than 5.50.5003.1000 OR Microsoft Outlook Express 6 SP1 on Windows 2000 SP4 Microsoft Windows 2000 SP4 or later is installed AND Microsoft Outlook Express 6 SP1 is installed. AND the version of Msoe.dll is less than 6.0.2800.1983 OR Microsoft Outlook Express 6 on Windows XP SP2 x86 Microsoft Outlook Express 6.0 for Windows XP/2003 is installed AND Check for affected platforms with vulnerable file Check for Windows XP SP2 x86 Microsoft Windows XP (x86) SP2 is installed AND the version of Msoe.dll is less than 6.0.2900.3598 OR Check for Windows XP SP3 x86 Microsoft Windows XP (x86) SP3 is installed AND the version of Msoe.dll is less than 6.0.2900.5843 OR Check for Windows XP SP2 (64-bit) and 2003 x86/x64/ia64 OS Check Microsoft Windows Server 2003 SP2 (x86) is installed AND Microsoft Windows Server 2003 SP2 (x64) is installed AND Microsoft Windows Server 2003 (ia64) SP2 is installed AND Microsoft Windows XP x64 Edition SP2 is installed AND the version of Msoe.dll is less than 6.0.3790.4548 OR Windows Media Player 9 on Windows 2000 SP4 (KB973540) Microsoft Windows 2000 SP4 or later is installed AND Windows Media Player v9 is installed. AND file checks the version of Wmp.dll is less than 9.0.0.3364 AND Wmpdxm.dll version is less than 9.0.0.3364 OR Windows Media Player 9 on Windows XP SP2 x86 (KB973540) Microsoft Windows XP (x86) SP2 is installed AND Windows Media Player v9 is installed. AND file checks the version of Wmp.dll is less than 9.0.0.3364 AND Wmpdxm.dll version is less than 9.0.0.3364 OR Windows Media Player 9 on Windows XP SP3 x86 (KB973540) Microsoft Windows XP (x86) SP3 is installed AND Windows Media Player v9 is installed. AND file checks the version of Wmp.dll is less than 9.0.0.4507 AND Wmpdxm.dll version is less than 9.0.0.4507 OR Windows Media Player 10 on Windows XP SP2/SP3 x86/x64, Server 2003 SP2 x86/x64 (KB973540) Windows Media Player v10 is installed. AND Check for affected platforms with vulnerable file Check for Windows XP SP2/SP3 OS check Microsoft Windows XP (x86) SP2 is installed AND Microsoft Windows XP (x86) SP3 is installed AND file checks the version of Wmp.dll is less than 10.0.0.4074 AND Wmpdxm.dll version is less than 10.0.0.4074 OR Check for Windows XP x64 SP2, Windows Server 2003 x64 SP2 OS Check Microsoft Windows Server 2003 SP2 (x64) is installed AND Microsoft Windows XP x64 Edition SP2 is installed AND file checks the version of Wwmp.dll is less than 10.0.0.4006 AND Wwmpdxm.dll version is less than 10.0.0.4006 OR Check for Windows Server 2003 SP2 x86 Microsoft Windows Server 2003 SP2 (x86) is installed AND file checks the version of Wmp.dll is less than 10.0.0.4006 AND Wmpdxm.dll version is less than 10.0.0.4006 OR Windows Media Player 11 on Windows XP x86 SP2/SP3, XP x64 SP2 (KB973540) OS Check Microsoft Windows XP (x86) SP2 is installed AND Microsoft Windows XP (x86) SP3 is installed AND Microsoft Windows XP x64 Edition SP2 is installed AND Windows Media Player v11 is installed. AND file checks the version of Wmp.dll is less than 11.0.5721.5268 AND Wmpdxm.dll version is less than 11.0.5721.5268 OR Windows Media Player 11 on Windows Vista 32-bit/64-bit RTM (KB973540) OS Check Microsoft Windows Vista (32-bit) is installed AND Microsoft Windows Vista x64 Edition is installed AND Windows Media Player v11 is installed. AND GDR/LDR version check the version of Wmp.dll is less than 11.0.6000.6352 AND Wmpdxm.dll version is less than 11.0.6000.6352 OR LDR version check the version of Spwmp.dll is greater than or equal 6.0.6000.20000 AND file checks the version of Wmp.dll is less than 11.0.6000.6511 AND Wmpdxm.dll version is less than 11.0.6000.6511 OR Windows Media Player 11 on Windows Vista 32/64-bit SP1, Server 2008 32/64-bit (KB973540) OS Check Microsoft Windows Vista (32-bit) Service Pack 1 is installed AND Microsoft Windows Vista x64 Edition Service Pack 1 is installed AND Microsoft Windows Server 2008 (32-bit) is installed AND Microsoft Windows Server 2008 (64-bit) is installed AND Windows Media Player v11 is installed. AND GDR/LDR version check the version of Wmp.dll is less than 11.0.6001.7007 AND Wmpdxm.dll version is less than 11.0.6001.7007 OR LDR version check the version of Spwmp.dll is greater than or equal 6.0.6001.22000 AND file checks the version of Wmp.dll is less than 11.0.6001.7114 AND Wmpdxm.dll version is less than 11.0.6001.7114 OR Windows Media Player 11 on Windows Vista 32/64-bit SP2, Server 2008 32/64-bit SP2 (KB973540) OS Check Microsoft Windows Vista (32-bit) Service Pack 2 is installed AND Microsoft Windows Vista x64 Edition Service Pack 2 is installed AND Microsoft Windows Server 2008 (32-bit) Service Pack 2 is installed AND Microsoft Windows Server 2008 x64 Edition Service Pack 2 is installed AND Windows Media Player v11 is installed. AND GDR/LDR version check the version of Wmp.dll is less than 11.0.6002.18065 AND Wmpdxm.dll version is less than 11.0.6002.18065 OR LDR version check the version of Spwmp.dll is greater than or equal 6.0.6002.22000 AND file checks the version of Wmp.dll is less than 11.0.6002.22172 AND Wmpdxm.dll version is less than 11.0.6002.22172 OR Windows ATL Component on Windows 2000 SP4 Microsoft Windows 2000 SP4 or later is installed AND the version of atl.dll is less than 3.0.9794.0 OR Windows ATL Component on Windows XP, Server 2003, Vista, Server 2008 OS Check Microsoft Windows XP (x86) SP2 is installed AND Microsoft Windows XP (x86) SP3 is installed AND Microsoft Windows Server 2003 SP2 (x86) is installed AND Microsoft Windows Server 2003 SP2 (x64) is installed AND Microsoft Windows Server 2003 (ia64) SP2 is installed AND Microsoft Windows Vista (32-bit) is installed AND Microsoft Windows Vista x64 Edition is installed AND Microsoft Windows Vista (32-bit) Service Pack 1 is installed AND Microsoft Windows Vista x64 Edition Service Pack 1 is installed AND Microsoft Windows Server 2008 (32-bit) is installed AND Microsoft Windows Server 2008 (64-bit) is installed AND Microsoft Windows Server 2008 (ia-64) is installed AND Microsoft Windows Vista (32-bit) Service Pack 2 is installed AND Microsoft Windows Vista x64 Edition Service Pack 2 is installed AND Microsoft Windows Server 2008 (32-bit) Service Pack 2 is installed AND Microsoft Windows Server 2008 x64 Edition Service Pack 2 is installed AND Microsoft Windows Server 2008 Itanium-Based Edition Service Pack 2 is installed AND Microsoft Windows XP x64 Edition SP2 is installed AND the version of atl.dll is less than 3.5.2284.2 OR DHTML Editing Component ActiveX Control on Windows 2000 SP4 Microsoft Windows 2000 SP4 or later is installed AND the version of dhtmled.ocx is less than 6.1.0.9234 OR DHTML Editing Component ActiveX Control on Windows XP or Server 2003 x86 OS Check Microsoft Windows XP (x86) SP2 is installed AND Microsoft Windows XP (x86) SP3 is installed AND Microsoft Windows Server 2003 SP2 (x86) is installed AND the version of dhtmled.ocx is less than 6.1.0.9247 OR DHTML Editing Component ActiveX Control on Windows XP or Server 2003 64-bit OS Check Microsoft Windows Server 2003 SP2 (x64) is installed AND Microsoft Windows Server 2003 (ia64) SP2 is installed AND Microsoft Windows XP x64 Edition SP2 is installed AND the version of wdhtmled.ocx is less than 6.1.0.9247 OR Microsoft MSWebDVD ActiveX Control on Windows XP SP2 x86 Microsoft Windows XP (x86) SP2 is installed AND the version of Mswebdvd.dll is less than 6.5.2600.3610 OR Microsoft MSWebDVD ActiveX Control on Windows XP SP3 x86 Microsoft Windows XP (x86) SP3 is installed AND the version of Mswebdvd.dll is less than 6.5.2600.5857 OR Microsoft MSWebDVD ActiveX Control on Windows XP SP2 x64, Server 2003 x86/x64 OS Check Microsoft Windows Server 2003 SP2 (x86) is installed AND Microsoft Windows Server 2003 SP2 (x64) is installed AND Microsoft Windows XP x64 Edition SP2 is installed AND the version of Mswebdvd.dll is less than 6.5.3790.4565 OR Microsoft MSWebDVD ActiveX Control on Server 2003 ia64 Microsoft Windows Server 2003 (ia64) SP2 is installed AND the version of Mswebdvd.dll is less than 6.5.3790.3386 OR Microsoft HtmlInput Object ActiveX Control in Windows Vista OS Check for windows Vista X86/x64 Microsoft Windows Vista (32-bit) is installed AND Microsoft Windows Vista x64 Edition is installed AND GRD/LDR version Check the version of Ehkeyctl.dll is less than 6.0.6000.16891 OR LDR version check the version of Ehkeyctl.dll is greater than or equal 6.0.6000.20000 AND the version of Ehkeyctl.dll is less than 6.0.6000.21090 OR Microsoft HtmlInput Object ActiveX Control in Windows Vista SP1 OS Check Microsoft Windows Vista (32-bit) Service Pack 1 is installed AND Microsoft Windows Vista x64 Edition Service Pack 1 is installed AND GDR/LDR version Check the version of Ehkeyctl.dll is less than 6.0.6001.18295 OR LDR version check the version of Ehkeyctl.dll is greater than or equal 6.0.6001.22000 AND the version of Ehkeyctl.dll is less than 6.0.6001.22476 OR Microsoft HtmlInput Object ActiveX Control in Windows Vista SP2 OS check Microsoft Windows Vista (32-bit) Service Pack 2 is installed AND Microsoft Windows Vista x64 Edition Service Pack 2 is installed AND GDR/LDR version check the version of Ehkeyctl.dll is less than 6.0.6002.18072 OR LDR version check the version of Ehkeyctl.dll is greater than or equal 6.0.6002.22000 AND the version of Ehkeyctl.dll is less than 6.0.6002.22181 OR Check for Vulnerable ActiveX and Windows 2000, XP, 2003 OS check Microsoft Windows 2000 SP4 or later is installed AND Microsoft Windows XP (x86) SP2 is installed AND Microsoft Windows XP (x86) SP3 is installed AND Microsoft Windows XP x64 Edition SP2 is installed AND Microsoft Windows Server 2003 SP2 (x64) is installed AND Microsoft Windows Server 2003 SP2 (x86) is installed AND Microsoft Windows Server 2003 (ia64) SP2 is installed AND Windows Vista is installed AND Windows Server 2008 is installed AND Check for Vulnerable ActiveX HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{011B3619-FE63-4814-8A84-15A194CE9CE3}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{011B3619-FE63-4814-8A84-15A194CE9CE3}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{0149EEDF-D08F-4142-8D73-D23903D21E90}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{0149EEDF-D08F-4142-8D73-D23903D21E90}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{0369B4E5-45B6-11D3-B650-00C04F79498E}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{0369B4E5-45B6-11D3-B650-00C04F79498E}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{0369B4E6-45B6-11D3-B650-00C04F79498E}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{0369B4E6-45B6-11D3-B650-00C04F79498E}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{055CB2D7-2969-45CD-914B-76890722F112}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{055CB2D7-2969-45CD-914B-76890722F112}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{0955AC62-BF2E-4CBA-A2B9-A63F772D46CF}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{0955AC62-BF2E-4CBA-A2B9-A63F772D46CF}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{15D6504A-5494-499C-886C-973C9E53B9F1}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{15D6504A-5494-499C-886C-973C9E53B9F1}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{1BE49F30-0E1B-11D3-9D8E-00C04F72D980}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{1BE49F30-0E1B-11D3-9D8E-00C04F72D980}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{1C15D484-911D-11D2-B632-00C04F79498E}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{1C15D484-911D-11D2-B632-00C04F79498E}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{1DF7D126-4050-47F0-A7CF-4C4CA9241333}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{1DF7D126-4050-47F0-A7CF-4C4CA9241333}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{2C63E4EB-4CEA-41B8-919C-E947EA19A77C}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{2C63E4EB-4CEA-41B8-919C-E947EA19A77C}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{334125C0-77E5-11D3-B653-00C04F79498E}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{334125C0-77E5-11D3-B653-00C04F79498E}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{37B0353C-A4C8-11D2-B634-00C04F79498E}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{37B0353C-A4C8-11D2-B634-00C04F79498E}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{37B03543-A4C8-11D2-B634-00C04F79498E}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{37B03543-A4C8-11D2-B634-00C04F79498E}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{37B03544-A4C8-11D2-B634-00C04F79498E}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{37B03544-A4C8-11D2-B634-00C04F79498E}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{418008F3-CF67-4668-9628-10DC52BE1D08}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{418008F3-CF67-4668-9628-10DC52BE1D08}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{4A5869CF-929D-4040-AE03-FCAFC5B9CD42}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{4A5869CF-929D-4040-AE03-FCAFC5B9CD42}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{577FAA18-4518-445E-8F70-1473F8CF4BA4}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{577FAA18-4518-445E-8F70-1473F8CF4BA4}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{59DC47A8-116C-11D3-9D8E-00C04F72D980}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{59DC47A8-116C-11D3-9D8E-00C04F72D980}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{7F9CB14D-48E4-43B6-9346-1AEBC39C64D3}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{7F9CB14D-48E4-43B6-9346-1AEBC39C64D3}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{823535A0-0318-11D3-9D8E-00C04F72D980}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{823535A0-0318-11D3-9D8E-00C04F72D980}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{8872FF1B-98FA-4D7A-8D93-C9F1055F85BB}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{8872FF1B-98FA-4D7A-8D93-C9F1055F85BB}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{8A674B4C-1F63-11D3-B64C-00C04F79498E}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{8A674B4C-1F63-11D3-B64C-00C04F79498E}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{8A674B4D-1F63-11D3-B64C-00C04F79498E}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{8A674B4D-1F63-11D3-B64C-00C04F79498E}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{9CD64701-BDF3-4D14-8E03-F12983D86664}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{9CD64701-BDF3-4D14-8E03-F12983D86664}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{9E77AAC4-35E5-42A1-BDC2-8F3FF399847C}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{9E77AAC4-35E5-42A1-BDC2-8F3FF399847C}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{A1A2B1C4-0E3A-11D3-9D8E-00C04F72D980}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{A1A2B1C4-0E3A-11D3-9D8E-00C04F72D980}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{A2E3074E-6C3D-11D3-B653-00C04F79498E}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{A2E3074E-6C3D-11D3-B653-00C04F79498E}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{A2E30750-6C3D-11D3-B653-00C04F79498E}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{A2E30750-6C3D-11D3-B653-00C04F79498E}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{A8DCF3D5-0780-4EF4-8A83-2CFFAACB8ACE}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{A8DCF3D5-0780-4EF4-8A83-2CFFAACB8ACE}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{AD8E510D-217F-409B-8076-29C5E73B98E8}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{AD8E510D-217F-409B-8076-29C5E73B98E8}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{B0EDF163-910A-11D2-B632-00C04F79498E}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{B0EDF163-910A-11D2-B632-00C04F79498E}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{B64016F3-C9A2-4066-96F0-BD9563314726}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{B64016F3-C9A2-4066-96F0-BD9563314726}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{BB530C63-D9DF-4B49-9439-63453962E598}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{BB530C63-D9DF-4B49-9439-63453962E598}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{C531D9FD-9685-4028-8B68-6E1232079F1E}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{C531D9FD-9685-4028-8B68-6E1232079F1E}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{C5702CCC-9B79-11D3-B654-00C04F79498E}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{C5702CCC-9B79-11D3-B654-00C04F79498E}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{C5702CCD-9B79-11D3-B654-00C04F79498E}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{C5702CCD-9B79-11D3-B654-00C04F79498E}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{C5702CCE-9B79-11D3-B654-00C04F79498E}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{C5702CCE-9B79-11D3-B654-00C04F79498E}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{C5702CCF-9B79-11D3-B654-00C04F79498E}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{C5702CCF-9B79-11D3-B654-00C04F79498E}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{C5702CD0-9B79-11D3-B654-00C04F79498E}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{C5702CD0-9B79-11D3-B654-00C04F79498E}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{C6B14B32-76AA-4A86-A7AC-5C79AAF58DA7}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{C6B14B32-76AA-4A86-A7AC-5C79AAF58DA7}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{CAAFDD83-CEFC-4E3D-BA03-175F17A24F91}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{CAAFDD83-CEFC-4E3D-BA03-175F17A24F91}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{D02AAC50-027E-11D3-9D8E-00C04F72D980}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{D02AAC50-027E-11D3-9D8E-00C04F72D980}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{F9769A06-7ACA-4E39-9CFB-97BB35F0E77E}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{F9769A06-7ACA-4E39-9CFB-97BB35F0E77E}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{FA7C375B-66A7-4280-879D-FD459C84BB02}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{FA7C375B-66A7-4280-879D-FD459C84BB02}!Compatibility Flags is not equal to 0x00000400

Definition Id: oval:org.mitre.oval:def:6363

Oval ID:	oval:org.mitre.oval:def:6363
Title:	Microsoft Video ActiveX Control Vulnerability
Description:	Stack-based buffer overflow in the CComVariant::ReadFromStream function in the Active Template Library (ATL), as used in the MPEG2TuneRequest ActiveX control in msvidctl.dll in DirectShow, in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows remote attackers to execute arbitrary code via a crafted web page, as exploited in the wild in July 2009, aka "Microsoft Video ActiveX Control Vulnerability."
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2008-0015	Version:	5
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008	Product(s):	Microsoft Outlook Express Windows Media Player Windows ATL Component DHTML Editing Component ActiveX Control
Definition Synopsis:
Microsoft Outlook Express 5.5 SP2 on Windows 2000 SP4 Microsoft Windows 2000 SP4 or later is installed AND Microsoft Outlook Express 5.5 SP2 is installed. AND the version of Msoe.dll is less than 5.50.5003.1000 OR Microsoft Outlook Express 6 SP1 on Windows 2000 SP4 Microsoft Windows 2000 SP4 or later is installed AND Microsoft Outlook Express 6 SP1 is installed. AND the version of Msoe.dll is less than 6.0.2800.1983 OR Microsoft Outlook Express 6 on Windows XP SP2 x86 Microsoft Windows XP (x86) SP2 is installed AND Microsoft Outlook Express 6.0 for Windows XP/2003 is installed AND the version of Msoe.dll is less than 6.0.2900.3598 OR Microsoft Outlook Express 6 on Windows XP SP3 x86 Microsoft Windows XP (x86) SP3 is installed AND Microsoft Outlook Express 6.0 for Windows XP/2003 is installed AND the version of Msoe.dll is less than 6.0.2900.5843 OR Microsoft Outlook Express 6 on Windows XP SP2 (64-bit) Microsoft Outlook Express 6.0 for Windows XP/2003 is installed AND the version of Msoe.dll is less than 6.0.3790.4548 AND Microsoft Windows XP x64 Edition SP2 is installed OR Microsoft Outlook Express 6 on Windows Server 2003 SP2 x86 Microsoft Windows Server 2003 SP2 (x86) is installed AND Microsoft Outlook Express 6.0 for Windows XP/2003 is installed AND the version of Msoe.dll is less than 6.0.3790.4548 OR Microsoft Outlook Express 6 on Windows Server 2003 SP2 (x64-bit) Microsoft Windows Server 2003 SP2 (x64) is installed AND Microsoft Outlook Express 6.0 for Windows XP/2003 is installed AND the version of Msoe.dll is less than 6.0.3790.4548 OR Microsoft Outlook Express 6 on Windows Server 2003 SP2 (ia64) Microsoft Windows Server 2003 (ia64) SP2 is installed AND Microsoft Outlook Express 6.0 for Windows XP/2003 is installed AND the version of Msoe.dll is less than 6.0.3790.4548 OR Windows Media Player 9 on Windows 2000 SP4 Microsoft Windows 2000 SP4 or later is installed AND Windows Media Player v9 is installed. AND the version of Wmp.dll is less than 9.0.0.3364 OR Windows Media Player 9 on Windows XP SP2 x86 Microsoft Windows XP (x86) SP2 is installed AND Windows Media Player v9 is installed. AND the version of Wmp.dll is less than 9.0.0.3271 OR Windows Media Player 9 on Windows XP SP3 x86 Microsoft Windows XP (x86) SP3 is installed AND Windows Media Player v9 is installed. AND the version of Wmp.dll is less than 9.0.0.4507 OR Windows Media Player 10 on Windows XP SP2/SP3 x86 IF Microsoft Windows XP (x86) SP2 is installed AND Microsoft Windows XP (x86) SP3 is installed AND Windows Media Player v10 is installed. AND the version of Wmp.dll is less than 10.0.0.4074 OR Windows Media Player 10 on Windows XP SP2 (x64-bit) Windows Media Player v10 is installed. AND the version of Wmp.dll is less than 10.0.0.4006 AND Microsoft Windows XP x64 Edition SP2 is installed OR Windows Media Player 10 on Windows Server 2003 SP2 x86 Microsoft Windows Server 2003 SP2 (x86) is installed AND Windows Media Player v10 is installed. AND the version of Wmp.dll is less than 10.0.0.4006 OR Windows Media Player 10 on Windows Server 2003 SP2 (x64-bit) Microsoft Windows Server 2003 SP2 (x64) is installed AND Windows Media Player v10 is installed. AND the version of Wmp.dll is less than 10.0.0.4006 OR Windows Media Player 11 on Windows XP SP2/SP3 x86 IF Microsoft Windows XP (x86) SP2 is installed AND Microsoft Windows XP (x86) SP3 is installed AND Windows Media Player v11 is installed. AND the version of Wmp.dll is less than 11.0.5721.5268 OR Windows Media Player 11 on Windows XP SP2 (x64-bit) Windows Media Player v11 is installed. AND the version of Wmp.dll is less than 11.0.5721.5268 AND Microsoft Windows XP x64 Edition SP2 is installed OR Windows Media Player 11 on Windows Vista (32-bit)/(64-bit) IF Microsoft Windows Vista (32-bit) is installed AND Microsoft Windows Vista x64 Edition is installed AND the version of Spwmp.dll is greater than or equal 6.0.6000.16000 AND the version of Wmp.dll is less than 11.0.6000.6352 OR Windows Media Player 11 on Windows Vista SP1/Server 2008 (32-bit)/(64-bit)/ia64 IF Microsoft Windows Vista (32-bit) Service Pack 1 is installed AND Microsoft Windows Vista x64 Edition Service Pack 1 is installed AND Microsoft Windows Server 2008 (32-bit) is installed AND Microsoft Windows Server 2008 (64-bit) is installed AND Microsoft Windows Server 2008 (ia-64) is installed AND the version of Spwmp.dll is greater than or equal 6.0.6001.18000 AND the version of Wmp.dll is less than 11.0.6001.7007 OR Windows Media Player 11 on Windows Vista SP2/Server 2008 SP2 (32-bit)/(64-bit)/ia64 IF Microsoft Windows Vista (32-bit) Service Pack 2 is installed AND Microsoft Windows Vista x64 Edition Service Pack 2 is installed AND Microsoft Windows Server 2008 (32-bit) Service Pack 2 is installed AND Microsoft Windows Server 2008 x64 Edition Service Pack 2 is installed AND Microsoft Windows Server 2008 Itanium-Based Edition Service Pack 2 is installed AND the version of Spwmp.dll is greater than or equal 6.0.6002.18000 AND the version of Wmp.dll is less than 11.0.6002.18065 OR Windows Media Player 11 on Windows Vista (32-bit)/(64-bit) IF Microsoft Windows Vista (32-bit) is installed AND Microsoft Windows Vista x64 Edition is installed AND the version of Spwmp.dll is greater than or equal 6.0.6000.20000 AND the version of Wmp.dll is less than 11.0.6000.6511 OR Windows Media Player 11 on Windows Vista SP1/Server 2008 (32-bit)/(64-bit)/ia64 IF Microsoft Windows Vista (32-bit) Service Pack 1 is installed AND Microsoft Windows Vista x64 Edition Service Pack 1 is installed AND Microsoft Windows Server 2008 (32-bit) is installed AND Microsoft Windows Server 2008 (64-bit) is installed AND Microsoft Windows Server 2008 (ia-64) is installed AND the version of Spwmp.dll is greater than or equal 6.0.6001.22000 AND the version of Wmp.dll is less than 11.0.6001.7114 OR Windows Media Player 11 on Windows Vista SP2/Server 2008 SP2 (32-bit)/(64-bit)/ia64 IF Microsoft Windows Vista (32-bit) Service Pack 2 is installed AND Microsoft Windows Vista x64 Edition Service Pack 2 is installed AND Microsoft Windows Server 2008 (32-bit) Service Pack 2 is installed AND Microsoft Windows Server 2008 x64 Edition Service Pack 2 is installed AND Microsoft Windows Server 2008 Itanium-Based Edition Service Pack 2 is installed AND the version of Spwmp.dll is greater than or equal 6.0.6002.22000 AND the version of Wmp.dll is less than 11.0.6002.22172 OR Windows ATL Component on Windows 2000 SP4 Microsoft Windows 2000 SP4 or later is installed AND the version of atl.dll is less than 3.0.9794.0 OR Windows ATL Component on Windows XP, Server 2003, Vista, Server 2008 IF Microsoft Windows XP (x86) SP2 is installed AND Microsoft Windows XP (x86) SP3 is installed AND Microsoft Windows Server 2003 SP2 (x86) is installed AND Microsoft Windows Server 2003 SP2 (x64) is installed AND Microsoft Windows Server 2003 (ia64) SP2 is installed AND Microsoft Windows Vista (32-bit) is installed AND Microsoft Windows Vista x64 Edition is installed AND Microsoft Windows Vista (32-bit) Service Pack 1 is installed AND Microsoft Windows Vista x64 Edition Service Pack 1 is installed AND Microsoft Windows Server 2008 (32-bit) is installed AND Microsoft Windows Server 2008 (64-bit) is installed AND Microsoft Windows Server 2008 (ia-64) is installed AND Microsoft Windows Vista (32-bit) Service Pack 2 is installed AND Microsoft Windows Vista x64 Edition Service Pack 2 is installed AND Microsoft Windows Server 2008 (32-bit) Service Pack 2 is installed AND Microsoft Windows Server 2008 x64 Edition Service Pack 2 is installed AND Microsoft Windows Server 2008 Itanium-Based Edition Service Pack 2 is installed AND Microsoft Windows XP x64 Edition SP2 is installed AND the version of atl.dll is less than 3.5.2284.2 OR DHTML Editing Component ActiveX Control on Windows 2000 SP4 Microsoft Windows 2000 SP4 or later is installed AND the version of dhtmled.ocx is less than 6.1.0.9234 OR DHTML Editing Component ActiveX Control on Windows XP or Server 2003 x86 IF Microsoft Windows XP (x86) SP2 is installed AND Microsoft Windows XP (x86) SP3 is installed AND Microsoft Windows Server 2003 SP2 (x86) is installed AND the version of dhtmled.ocx is less than 6.1.0.9247 OR DHTML Editing Component ActiveX Control on Windows XP or Server 2003 64-bit IF Microsoft Windows Server 2003 SP2 (x64) is installed AND Microsoft Windows Server 2003 (ia64) SP2 is installed AND Microsoft Windows XP x64 Edition SP2 is installed AND the version of wdhtmled.ocx is less than 6.1.0.9247 OR Microsoft MSWebDVD ActiveX Control on Windows XP SP2 x86 Microsoft Windows XP (x86) SP2 is installed AND the version of Mswebdvd.dll is less than 6.5.2600.3610 OR Microsoft MSWebDVD ActiveX Control on Windows XP SP3 x86 Microsoft Windows XP (x86) SP3 is installed AND the version of Mswebdvd.dll is less than 6.5.2600.5857 OR Microsoft MSWebDVD ActiveX Control on Windows XP SP2 x64, Server 2003 x86/x64 IF Microsoft Windows Server 2003 SP2 (x86) is installed AND Microsoft Windows Server 2003 SP2 (x64) is installed AND Microsoft Windows XP x64 Edition SP2 is installed AND the version of Mswebdvd.dll is less than 6.5.3790.4565 OR Microsoft MSWebDVD ActiveX Control on Server 2003 ia64 Microsoft Windows Server 2003 (ia64) SP2 is installed AND the version of Mswebdvd.dll is less than 6.5.3790.3386

Definition Id: oval:org.mitre.oval:def:6333

Oval ID:	oval:org.mitre.oval:def:6333
Title:	Microsoft Video ActiveX Control Vulnerability
Description:	Stack-based buffer overflow in the CComVariant::ReadFromStream function in the Active Template Library (ATL), as used in the MPEG2TuneRequest ActiveX control in msvidctl.dll in DirectShow, in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows remote attackers to execute arbitrary code via a crafted web page, as exploited in the wild in July 2009, aka "Microsoft Video ActiveX Control Vulnerability."
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2008-0015	Version:	2
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008	Product(s):
Definition Synopsis:
IF Microsoft Windows 2000 SP4 or later is installed AND Microsoft Windows XP (x86) SP2 is installed AND Microsoft Windows XP (x86) SP3 is installed AND Microsoft Windows XP x64 Edition SP2 is installed AND Microsoft Windows Server 2003 SP2 (x64) is installed AND Microsoft Windows Server 2003 SP2 (x86) is installed AND Microsoft Windows Server 2003 (ia64) SP2 is installed AND Windows Vista is installed AND Windows Server 2008 is installed AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{011B3619-FE63-4814-8A84-15A194CE9CE3}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{011B3619-FE63-4814-8A84-15A194CE9CE3}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{0149EEDF-D08F-4142-8D73-D23903D21E90}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{0149EEDF-D08F-4142-8D73-D23903D21E90}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{0369B4E5-45B6-11D3-B650-00C04F79498E}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{0369B4E5-45B6-11D3-B650-00C04F79498E}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{0369B4E6-45B6-11D3-B650-00C04F79498E}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{0369B4E6-45B6-11D3-B650-00C04F79498E}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{055CB2D7-2969-45CD-914B-76890722F112}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{055CB2D7-2969-45CD-914B-76890722F112}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{0955AC62-BF2E-4CBA-A2B9-A63F772D46CF}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{0955AC62-BF2E-4CBA-A2B9-A63F772D46CF}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{15D6504A-5494-499C-886C-973C9E53B9F1}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{15D6504A-5494-499C-886C-973C9E53B9F1}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{1BE49F30-0E1B-11D3-9D8E-00C04F72D980}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{1BE49F30-0E1B-11D3-9D8E-00C04F72D980}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{1C15D484-911D-11D2-B632-00C04F79498E}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{1C15D484-911D-11D2-B632-00C04F79498E}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{1DF7D126-4050-47F0-A7CF-4C4CA9241333}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{1DF7D126-4050-47F0-A7CF-4C4CA9241333}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{2C63E4EB-4CEA-41B8-919C-E947EA19A77C}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{2C63E4EB-4CEA-41B8-919C-E947EA19A77C}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{334125C0-77E5-11D3-B653-00C04F79498E}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{334125C0-77E5-11D3-B653-00C04F79498E}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{37B0353C-A4C8-11D2-B634-00C04F79498E}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{37B0353C-A4C8-11D2-B634-00C04F79498E}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{37B03543-A4C8-11D2-B634-00C04F79498E}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{37B03543-A4C8-11D2-B634-00C04F79498E}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{37B03544-A4C8-11D2-B634-00C04F79498E}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{37B03544-A4C8-11D2-B634-00C04F79498E}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{418008F3-CF67-4668-9628-10DC52BE1D08}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{418008F3-CF67-4668-9628-10DC52BE1D08}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{4A5869CF-929D-4040-AE03-FCAFC5B9CD42}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{4A5869CF-929D-4040-AE03-FCAFC5B9CD42}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{577FAA18-4518-445E-8F70-1473F8CF4BA4}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{577FAA18-4518-445E-8F70-1473F8CF4BA4}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{59DC47A8-116C-11D3-9D8E-00C04F72D980}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{59DC47A8-116C-11D3-9D8E-00C04F72D980}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{7F9CB14D-48E4-43B6-9346-1AEBC39C64D3}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{7F9CB14D-48E4-43B6-9346-1AEBC39C64D3}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{823535A0-0318-11D3-9D8E-00C04F72D980}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{823535A0-0318-11D3-9D8E-00C04F72D980}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{8872FF1B-98FA-4D7A-8D93-C9F1055F85BB}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{8872FF1B-98FA-4D7A-8D93-C9F1055F85BB}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{8A674B4C-1F63-11D3-B64C-00C04F79498E}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{8A674B4C-1F63-11D3-B64C-00C04F79498E}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{8A674B4D-1F63-11D3-B64C-00C04F79498E}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{8A674B4D-1F63-11D3-B64C-00C04F79498E}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{9CD64701-BDF3-4D14-8E03-F12983D86664}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{9CD64701-BDF3-4D14-8E03-F12983D86664}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{9E77AAC4-35E5-42A1-BDC2-8F3FF399847C}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{9E77AAC4-35E5-42A1-BDC2-8F3FF399847C}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{A1A2B1C4-0E3A-11D3-9D8E-00C04F72D980}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{A1A2B1C4-0E3A-11D3-9D8E-00C04F72D980}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{A2E3074E-6C3D-11D3-B653-00C04F79498E}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{A2E3074E-6C3D-11D3-B653-00C04F79498E}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{A2E30750-6C3D-11D3-B653-00C04F79498E}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{A2E30750-6C3D-11D3-B653-00C04F79498E}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{A8DCF3D5-0780-4EF4-8A83-2CFFAACB8ACE}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{A8DCF3D5-0780-4EF4-8A83-2CFFAACB8ACE}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{AD8E510D-217F-409B-8076-29C5E73B98E8}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{AD8E510D-217F-409B-8076-29C5E73B98E8}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{B0EDF163-910A-11D2-B632-00C04F79498E}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{B0EDF163-910A-11D2-B632-00C04F79498E}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{B64016F3-C9A2-4066-96F0-BD9563314726}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{B64016F3-C9A2-4066-96F0-BD9563314726}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{BB530C63-D9DF-4B49-9439-63453962E598}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{BB530C63-D9DF-4B49-9439-63453962E598}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{C531D9FD-9685-4028-8B68-6E1232079F1E}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{C531D9FD-9685-4028-8B68-6E1232079F1E}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{C5702CCC-9B79-11D3-B654-00C04F79498E}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{C5702CCC-9B79-11D3-B654-00C04F79498E}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{C5702CCD-9B79-11D3-B654-00C04F79498E}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{C5702CCD-9B79-11D3-B654-00C04F79498E}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{C5702CCE-9B79-11D3-B654-00C04F79498E}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{C5702CCE-9B79-11D3-B654-00C04F79498E}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{C5702CCF-9B79-11D3-B654-00C04F79498E}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{C5702CCF-9B79-11D3-B654-00C04F79498E}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{C5702CD0-9B79-11D3-B654-00C04F79498E}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{C5702CD0-9B79-11D3-B654-00C04F79498E}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{C6B14B32-76AA-4A86-A7AC-5C79AAF58DA7}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{C6B14B32-76AA-4A86-A7AC-5C79AAF58DA7}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{CAAFDD83-CEFC-4E3D-BA03-175F17A24F91}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{CAAFDD83-CEFC-4E3D-BA03-175F17A24F91}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{D02AAC50-027E-11D3-9D8E-00C04F72D980}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{D02AAC50-027E-11D3-9D8E-00C04F72D980}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{F9769A06-7ACA-4E39-9CFB-97BB35F0E77E}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{F9769A06-7ACA-4E39-9CFB-97BB35F0E77E}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{FA7C375B-66A7-4280-879D-FD459C84BB02}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{FA7C375B-66A7-4280-879D-FD459C84BB02}!Compatibility Flags is not equal to 0x00000400

Definition Id: oval:org.mitre.oval:def:5850

Oval ID:	oval:org.mitre.oval:def:5850
Title:	ATL Header Memcopy Vulnerability
Description:	Unspecified vulnerability in the Load method in the IPersistStreamInit interface in the Active Template Library (ATL), as used in the Microsoft Video ActiveX control in msvidctl.dll in DirectShow, in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows remote attackers to execute arbitrary code via unknown vectors that trigger memory corruption, aka "ATL Header Memcopy Vulnerability," a different vulnerability than CVE-2008-0015.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2008-0020	Version:	9
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008	Product(s):	Microsoft Outlook Express Windows Media Player Windows ATL Component DHTML Editing Component ActiveX Control HtmlInput Object ActiveX Control
Definition Synopsis:
Microsoft Outlook Express 5.5 SP2 on Windows 2000 SP4 Microsoft Windows 2000 SP4 or later is installed AND Microsoft Outlook Express 5.5 SP2 is installed. AND the version of Msoe.dll is less than 5.50.5003.1000 OR Microsoft Outlook Express 6 SP1 on Windows 2000 SP4 Microsoft Windows 2000 SP4 or later is installed AND Microsoft Outlook Express 6 SP1 is installed. AND the version of Msoe.dll is less than 6.0.2800.1983 OR Microsoft Outlook Express 6 on Windows XP SP2 x86 Microsoft Outlook Express 6.0 for Windows XP/2003 is installed AND Check for affected platforms with vulnerable file Check for Windows XP SP2 x86 Microsoft Windows XP (x86) SP2 is installed AND the version of Msoe.dll is less than 6.0.2900.3598 OR Check for Windows XP SP3 x86 Microsoft Windows XP (x86) SP3 is installed AND the version of Msoe.dll is less than 6.0.2900.5843 OR Check for Windows XP SP2 (64-bit) and 2003 x86/x64/ia64 OS Check Microsoft Windows Server 2003 SP2 (x86) is installed AND Microsoft Windows Server 2003 SP2 (x64) is installed AND Microsoft Windows Server 2003 (ia64) SP2 is installed AND Microsoft Windows XP x64 Edition SP2 is installed AND the version of Msoe.dll is less than 6.0.3790.4548 OR Windows Media Player 9 on Windows 2000 SP4 (KB973540) Microsoft Windows 2000 SP4 or later is installed AND Windows Media Player v9 is installed. AND file checks the version of Wmp.dll is less than 9.0.0.3364 AND Wmpdxm.dll version is less than 9.0.0.3364 OR Windows Media Player 9 on Windows XP SP2 x86 (KB973540) Microsoft Windows XP (x86) SP2 is installed AND Windows Media Player v9 is installed. AND file checks the version of Wmp.dll is less than 9.0.0.3364 AND Wmpdxm.dll version is less than 9.0.0.3364 OR Windows Media Player 9 on Windows XP SP3 x86 (KB973540) Microsoft Windows XP (x86) SP3 is installed AND Windows Media Player v9 is installed. AND file checks the version of Wmp.dll is less than 9.0.0.4507 AND Wmpdxm.dll version is less than 9.0.0.4507 OR Windows Media Player 10 on Windows XP SP2/SP3 x86/x64, Server 2003 SP2 x86/x64 (KB973540) Windows Media Player v10 is installed. AND Check for affected platforms with vulnerable file Check for Windows XP SP2/SP3 OS check Microsoft Windows XP (x86) SP2 is installed AND Microsoft Windows XP (x86) SP3 is installed AND file checks the version of Wmp.dll is less than 10.0.0.4074 AND Wmpdxm.dll version is less than 10.0.0.4074 OR Check for Windows XP x64 SP2, Windows Server 2003 x64 SP2 OS Check Microsoft Windows Server 2003 SP2 (x64) is installed AND Microsoft Windows XP x64 Edition SP2 is installed AND file checks the version of Wwmp.dll is less than 10.0.0.4006 AND Wwmpdxm.dll version is less than 10.0.0.4006 OR Check for Windows Server 2003 SP2 x86 Microsoft Windows Server 2003 SP2 (x86) is installed AND file checks the version of Wmp.dll is less than 10.0.0.4006 AND Wmpdxm.dll version is less than 10.0.0.4006 OR Windows Media Player 11 on Windows XP x86 SP2/SP3, XP x64 SP2 (KB973540) OS Check Microsoft Windows XP (x86) SP2 is installed AND Microsoft Windows XP (x86) SP3 is installed AND Microsoft Windows XP x64 Edition SP2 is installed AND Windows Media Player v11 is installed. AND file checks the version of Wmp.dll is less than 11.0.5721.5268 AND Wmpdxm.dll version is less than 11.0.5721.5268 OR Windows Media Player 11 on Windows Vista 32-bit/64-bit RTM (KB973540) OS Check Microsoft Windows Vista (32-bit) is installed AND Microsoft Windows Vista x64 Edition is installed AND Windows Media Player v11 is installed. AND GDR/LDR version check the version of Wmp.dll is less than 11.0.6000.6352 AND Wmpdxm.dll version is less than 11.0.6000.6352 OR LDR version check the version of Spwmp.dll is greater than or equal 6.0.6000.20000 AND file checks the version of Wmp.dll is less than 11.0.6000.6511 AND Wmpdxm.dll version is less than 11.0.6000.6511 OR Windows Media Player 11 on Windows Vista 32/64-bit SP1, Server 2008 32/64-bit (KB973540) OS Check Microsoft Windows Vista (32-bit) Service Pack 1 is installed AND Microsoft Windows Vista x64 Edition Service Pack 1 is installed AND Microsoft Windows Server 2008 (32-bit) is installed AND Microsoft Windows Server 2008 (64-bit) is installed AND Windows Media Player v11 is installed. AND GDR/LDR version check the version of Wmp.dll is less than 11.0.6001.7007 AND Wmpdxm.dll version is less than 11.0.6001.7007 OR LDR version check the version of Spwmp.dll is greater than or equal 6.0.6001.22000 AND file checks the version of Wmp.dll is less than 11.0.6001.7114 AND Wmpdxm.dll version is less than 11.0.6001.7114 OR Windows Media Player 11 on Windows Vista 32/64-bit SP2, Server 2008 32/64-bit SP2 (KB973540) OS Check Microsoft Windows Vista (32-bit) Service Pack 2 is installed AND Microsoft Windows Vista x64 Edition Service Pack 2 is installed AND Microsoft Windows Server 2008 (32-bit) Service Pack 2 is installed AND Microsoft Windows Server 2008 x64 Edition Service Pack 2 is installed AND Windows Media Player v11 is installed. AND GDR/LDR version check the version of Wmp.dll is less than 11.0.6002.18065 AND Wmpdxm.dll version is less than 11.0.6002.18065 OR LDR version check the version of Spwmp.dll is greater than or equal 6.0.6002.22000 AND file checks the version of Wmp.dll is less than 11.0.6002.22172 AND Wmpdxm.dll version is less than 11.0.6002.22172 OR Windows ATL Component on Windows 2000 SP4 Microsoft Windows 2000 SP4 or later is installed AND the version of atl.dll is less than 3.0.9794.0 OR Windows ATL Component on Windows XP, Server 2003, Vista, Server 2008 OS Check Microsoft Windows XP (x86) SP2 is installed AND Microsoft Windows XP (x86) SP3 is installed AND Microsoft Windows Server 2003 SP2 (x86) is installed AND Microsoft Windows Server 2003 SP2 (x64) is installed AND Microsoft Windows Server 2003 (ia64) SP2 is installed AND Microsoft Windows Vista (32-bit) is installed AND Microsoft Windows Vista x64 Edition is installed AND Microsoft Windows Vista (32-bit) Service Pack 1 is installed AND Microsoft Windows Vista x64 Edition Service Pack 1 is installed AND Microsoft Windows Server 2008 (32-bit) is installed AND Microsoft Windows Server 2008 (64-bit) is installed AND Microsoft Windows Server 2008 (ia-64) is installed AND Microsoft Windows Vista (32-bit) Service Pack 2 is installed AND Microsoft Windows Vista x64 Edition Service Pack 2 is installed AND Microsoft Windows Server 2008 (32-bit) Service Pack 2 is installed AND Microsoft Windows Server 2008 x64 Edition Service Pack 2 is installed AND Microsoft Windows Server 2008 Itanium-Based Edition Service Pack 2 is installed AND Microsoft Windows XP x64 Edition SP2 is installed AND the version of atl.dll is less than 3.5.2284.2 OR DHTML Editing Component ActiveX Control on Windows 2000 SP4 Microsoft Windows 2000 SP4 or later is installed AND the version of dhtmled.ocx is less than 6.1.0.9234 OR DHTML Editing Component ActiveX Control on Windows XP or Server 2003 x86 OS Check Microsoft Windows XP (x86) SP2 is installed AND Microsoft Windows XP (x86) SP3 is installed AND Microsoft Windows Server 2003 SP2 (x86) is installed AND the version of dhtmled.ocx is less than 6.1.0.9247 OR DHTML Editing Component ActiveX Control on Windows XP or Server 2003 64-bit OS Check Microsoft Windows Server 2003 SP2 (x64) is installed AND Microsoft Windows Server 2003 (ia64) SP2 is installed AND Microsoft Windows XP x64 Edition SP2 is installed AND the version of wdhtmled.ocx is less than 6.1.0.9247 OR Microsoft MSWebDVD ActiveX Control on Windows XP SP2 x86 Microsoft Windows XP (x86) SP2 is installed AND the version of Mswebdvd.dll is less than 6.5.2600.3610 OR Microsoft MSWebDVD ActiveX Control on Windows XP SP3 x86 Microsoft Windows XP (x86) SP3 is installed AND the version of Mswebdvd.dll is less than 6.5.2600.5857 OR Microsoft MSWebDVD ActiveX Control on Windows XP SP2 x64, Server 2003 x86/x64 OS Check Microsoft Windows Server 2003 SP2 (x86) is installed AND Microsoft Windows Server 2003 SP2 (x64) is installed AND Microsoft Windows XP x64 Edition SP2 is installed AND the version of Mswebdvd.dll is less than 6.5.3790.4565 OR Microsoft MSWebDVD ActiveX Control on Server 2003 ia64 Microsoft Windows Server 2003 (ia64) SP2 is installed AND the version of Mswebdvd.dll is less than 6.5.3790.3386 OR Microsoft HtmlInput Object ActiveX Control in Windows Vista OS Check for windows Vista X86/x64 Microsoft Windows Vista (32-bit) is installed AND Microsoft Windows Vista x64 Edition is installed AND GRD/LDR version Check the version of Ehkeyctl.dll is less than 6.0.6000.16891 OR LDR version check the version of Ehkeyctl.dll is greater than or equal 6.0.6000.20000 AND the version of Ehkeyctl.dll is less than 6.0.6000.21090 OR Microsoft HtmlInput Object ActiveX Control in Windows Vista SP1 OS Check Microsoft Windows Vista (32-bit) Service Pack 1 is installed AND Microsoft Windows Vista x64 Edition Service Pack 1 is installed AND GDR/LDR version Check the version of Ehkeyctl.dll is less than 6.0.6001.18295 OR LDR version check the version of Ehkeyctl.dll is greater than or equal 6.0.6001.22000 AND the version of Ehkeyctl.dll is less than 6.0.6001.22476 OR Microsoft HtmlInput Object ActiveX Control in Windows Vista SP2 OS check Microsoft Windows Vista (32-bit) Service Pack 2 is installed AND Microsoft Windows Vista x64 Edition Service Pack 2 is installed AND GDR/LDR version check the version of Ehkeyctl.dll is less than 6.0.6002.18072 OR LDR version check the version of Ehkeyctl.dll is greater than or equal 6.0.6002.22000 AND the version of Ehkeyctl.dll is less than 6.0.6002.22181

Definition Id: oval:org.mitre.oval:def:7581

Oval ID:	oval:org.mitre.oval:def:7581
Title:	ATL Uninitialized Object Vulnerability
Description:	The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold, and Visual C++ 2005 SP1 and 2008 Gold and SP1; and Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2; does not prevent VariantClear calls on an uninitialized VARIANT, which allows remote attackers to execute arbitrary code via a malformed stream to an ATL (1) component or (2) control, related to ATL headers and error handling, aka "ATL Uninitialized Object Vulnerability."
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2009-0901	Version:	21
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008	Product(s):	Microsoft Outlook 2002 Microsoft Outlook 2003 Microsoft Outlook 2007 Microsoft Visio Viewer 2002 Microsoft Office Visio Viewer 2003 Microsoft Office Visio Viewer 2007 Microsoft Visual Studio .NET 2003 Microsoft Visual Studio 2005 Microsoft Visual Studio 2008 Microsoft Visual C++ 2005 Redistributable Package Microsoft Visual C++ 2008 Redistributable Package Microsoft Outlook Express Windows Media Player Windows ATL Component DHTML Editing Component ActiveX Control HtmlInput Object ActiveX Control
Definition Synopsis:
Outlook 2002 Microsoft Outlook 2002 is installed AND the version of Outllib.dll is less than 10.0.6856.0 OR Outlook 2003 Microsoft Outlook 2003 is installed AND the version of Outllib.dll is less than 11.0.8313.0 OR Outlook 2007 Microsoft Outlook 2007 is installed AND the version of Outlook.exe is less than 12.0.6514.5000 OR Microsoft Visio Viewer 2002 Microsoft Visio Viewer 2002 is installed OR Microsoft Office Visio Viewer 2003 Microsoft Office Visio Viewer 2003 is installed OR Microsoft Office Visio Viewer 2007 Microsoft Office Visio Viewer 2007 is installed AND the version of Vviewer.dll is less than 12.0.6513.5000 OR Microsoft Visual Studio .NET 2003 SP1 Microsoft Visual Studio .NET 2003 SP1 is installed AND the version of Mfc71.dll is less than 7.10.6101.0 OR Microsoft Visual Studio 2005 SP1 Microsoft Visual Studio 2005 Service Pack 1 is installed AND the version of ATL80.dll is less than 8.0.50727.4053 OR Microsoft Visual Studio 2008 Microsoft Visual Studio 2008 is installed AND the version of ATL90.dll is less than 9.0.21022.218 OR Microsoft Visual Studio 2008 SP1 Microsoft Visual Studio 2008 Service Pack 1 is installed AND the version of ATL90.dll is less than 9.0.30729.4148 OR Microsoft Visual C++ 2005 Redistributable Package Microsoft Visual C++ 2005 Redistributable Package is installed AND NOT the version of %SystemRoot%\WinSxS\(x86\|amd64)_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.[0-9]{1,4}.\atl80.dll is greater than or equal 8.0.50727.4053 AND NOT the version of %SystemRoot%\winsxs\(x86\|amd64)_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.[0-9]{1,4}.\atl80.dll is greater than or equal 8.0.50727.4053 OR Microsoft Visual C++ 2008 Redistributable Package Microsoft Visual C++ 2008 Redistributable Package is installed AND NOT the version of %SystemRoot%\WinSxS\(x86\|amd64)_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.[0-9]{1,4}.\atl90.dll is greater than or equal 9.0.30729.4148 AND NOT the version of %SystemRoot%\winsxs\(x86\|amd64)_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.[0-9]{1,4}.\atl90.dll is greater than or equal 9.0.30729.4148 OR Microsoft Outlook Express 5.5 SP2 on Windows 2000 SP4 Microsoft Windows 2000 SP4 or later is installed AND Microsoft Outlook Express 5.5 SP2 is installed. AND the version of Msoe.dll is less than 5.50.5003.1000 OR Microsoft Outlook Express 6 SP1 on Windows 2000 SP4 Microsoft Windows 2000 SP4 or later is installed AND Microsoft Outlook Express 6 SP1 is installed. AND the version of Msoe.dll is less than 6.0.2800.1983 OR Microsoft Outlook Express 6 on Windows XP SP2 x86 Microsoft Outlook Express 6.0 for Windows XP/2003 is installed AND Check for affected platforms with vulnerable file Check for Windows XP SP2 x86 Microsoft Windows XP (x86) SP2 is installed AND the version of Msoe.dll is less than 6.0.2900.3598 OR Check for Windows XP SP3 x86 Microsoft Windows XP (x86) SP3 is installed AND the version of Msoe.dll is less than 6.0.2900.5843 OR Check for Windows XP SP2 (64-bit) and 2003 x86/x64/ia64 OS Check Microsoft Windows Server 2003 SP2 (x86) is installed AND Microsoft Windows Server 2003 SP2 (x64) is installed AND Microsoft Windows Server 2003 (ia64) SP2 is installed AND Microsoft Windows XP x64 Edition SP2 is installed AND the version of Msoe.dll is less than 6.0.3790.4548 OR Windows Media Player 9 on Windows 2000 SP4 (KB973540) Microsoft Windows 2000 SP4 or later is installed AND Windows Media Player v9 is installed. AND file checks the version of Wmp.dll is less than 9.0.0.3364 AND Wmpdxm.dll version is less than 9.0.0.3364 OR Windows Media Player 9 on Windows XP SP2 x86 (KB973540) Microsoft Windows XP (x86) SP2 is installed AND Windows Media Player v9 is installed. AND file checks the version of Wmp.dll is less than 9.0.0.3364 AND Wmpdxm.dll version is less than 9.0.0.3364 OR Windows Media Player 9 on Windows XP SP3 x86 (KB973540) Microsoft Windows XP (x86) SP3 is installed AND Windows Media Player v9 is installed. AND file checks the version of Wmp.dll is less than 9.0.0.4507 AND Wmpdxm.dll version is less than 9.0.0.4507 OR Windows Media Player 10 on Windows XP SP2/SP3 x86/x64, Server 2003 SP2 x86/x64 (KB973540) Windows Media Player v10 is installed. AND Check for affected platforms with vulnerable file Check for Windows XP SP2/SP3 OS check Microsoft Windows XP (x86) SP2 is installed AND Microsoft Windows XP (x86) SP3 is installed AND file checks the version of Wmp.dll is less than 10.0.0.4074 AND Wmpdxm.dll version is less than 10.0.0.4074 OR Check for Windows XP x64 SP2, Windows Server 2003 x64 SP2 OS Check Microsoft Windows Server 2003 SP2 (x64) is installed AND Microsoft Windows XP x64 Edition SP2 is installed AND file checks the version of Wwmp.dll is less than 10.0.0.4006 AND Wwmpdxm.dll version is less than 10.0.0.4006 OR Check for Windows Server 2003 SP2 x86 Microsoft Windows Server 2003 SP2 (x86) is installed AND file checks the version of Wmp.dll is less than 10.0.0.4006 AND Wmpdxm.dll version is less than 10.0.0.4006 OR Windows Media Player 11 on Windows XP x86 SP2/SP3, XP x64 SP2 (KB973540) OS Check Microsoft Windows XP (x86) SP2 is installed AND Microsoft Windows XP (x86) SP3 is installed AND Microsoft Windows XP x64 Edition SP2 is installed AND Windows Media Player v11 is installed. AND file checks the version of Wmp.dll is less than 11.0.5721.5268 AND Wmpdxm.dll version is less than 11.0.5721.5268 OR Windows Media Player 11 on Windows Vista 32-bit/64-bit RTM (KB973540) OS Check Microsoft Windows Vista (32-bit) is installed AND Microsoft Windows Vista x64 Edition is installed AND Windows Media Player v11 is installed. AND GDR/LDR version check the version of Wmp.dll is less than 11.0.6000.6352 AND Wmpdxm.dll version is less than 11.0.6000.6352 OR LDR version check the version of Spwmp.dll is greater than or equal 6.0.6000.20000 AND file checks the version of Wmp.dll is less than 11.0.6000.6511 AND Wmpdxm.dll version is less than 11.0.6000.6511 OR Windows Media Player 11 on Windows Vista 32/64-bit SP1, Server 2008 32/64-bit (KB973540) OS Check Microsoft Windows Vista (32-bit) Service Pack 1 is installed AND Microsoft Windows Vista x64 Edition Service Pack 1 is installed AND Microsoft Windows Server 2008 (32-bit) is installed AND Microsoft Windows Server 2008 (64-bit) is installed AND Windows Media Player v11 is installed. AND GDR/LDR version check the version of Wmp.dll is less than 11.0.6001.7007 AND Wmpdxm.dll version is less than 11.0.6001.7007 OR LDR version check the version of Spwmp.dll is greater than or equal 6.0.6001.22000 AND file checks the version of Wmp.dll is less than 11.0.6001.7114 AND Wmpdxm.dll version is less than 11.0.6001.7114 OR Windows Media Player 11 on Windows Vista 32/64-bit SP2, Server 2008 32/64-bit SP2 (KB973540) OS Check Microsoft Windows Vista (32-bit) Service Pack 2 is installed AND Microsoft Windows Vista x64 Edition Service Pack 2 is installed AND Microsoft Windows Server 2008 (32-bit) Service Pack 2 is installed AND Microsoft Windows Server 2008 x64 Edition Service Pack 2 is installed AND Windows Media Player v11 is installed. AND GDR/LDR version check the version of Wmp.dll is less than 11.0.6002.18065 AND Wmpdxm.dll version is less than 11.0.6002.18065 OR LDR version check the version of Spwmp.dll is greater than or equal 6.0.6002.22000 AND file checks the version of Wmp.dll is less than 11.0.6002.22172 AND Wmpdxm.dll version is less than 11.0.6002.22172 OR Windows ATL Component on Windows 2000 SP4 Microsoft Windows 2000 SP4 or later is installed AND the version of atl.dll is less than 3.0.9794.0 OR Windows ATL Component on Windows XP, Server 2003, Vista, Server 2008 OS Check Microsoft Windows XP (x86) SP2 is installed AND Microsoft Windows XP (x86) SP3 is installed AND Microsoft Windows Server 2003 SP2 (x86) is installed AND Microsoft Windows Server 2003 SP2 (x64) is installed AND Microsoft Windows Server 2003 (ia64) SP2 is installed AND Microsoft Windows Vista (32-bit) is installed AND Microsoft Windows Vista x64 Edition is installed AND Microsoft Windows Vista (32-bit) Service Pack 1 is installed AND Microsoft Windows Vista x64 Edition Service Pack 1 is installed AND Microsoft Windows Server 2008 (32-bit) is installed AND Microsoft Windows Server 2008 (64-bit) is installed AND Microsoft Windows Server 2008 (ia-64) is installed AND Microsoft Windows Vista (32-bit) Service Pack 2 is installed AND Microsoft Windows Vista x64 Edition Service Pack 2 is installed AND Microsoft Windows Server 2008 (32-bit) Service Pack 2 is installed AND Microsoft Windows Server 2008 x64 Edition Service Pack 2 is installed AND Microsoft Windows Server 2008 Itanium-Based Edition Service Pack 2 is installed AND Microsoft Windows XP x64 Edition SP2 is installed AND the version of atl.dll is less than 3.5.2284.2 OR DHTML Editing Component ActiveX Control on Windows 2000 SP4 Microsoft Windows 2000 SP4 or later is installed AND the version of dhtmled.ocx is less than 6.1.0.9234 OR DHTML Editing Component ActiveX Control on Windows XP or Server 2003 x86 OS Check Microsoft Windows XP (x86) SP2 is installed AND Microsoft Windows XP (x86) SP3 is installed AND Microsoft Windows Server 2003 SP2 (x86) is installed AND the version of dhtmled.ocx is less than 6.1.0.9247 OR DHTML Editing Component ActiveX Control on Windows XP or Server 2003 64-bit OS Check Microsoft Windows Server 2003 SP2 (x64) is installed AND Microsoft Windows Server 2003 (ia64) SP2 is installed AND Microsoft Windows XP x64 Edition SP2 is installed AND the version of wdhtmled.ocx is less than 6.1.0.9247 OR Microsoft MSWebDVD ActiveX Control on Windows XP SP2 x86 Microsoft Windows XP (x86) SP2 is installed AND the version of Mswebdvd.dll is less than 6.5.2600.3610 OR Microsoft MSWebDVD ActiveX Control on Windows XP SP3 x86 Microsoft Windows XP (x86) SP3 is installed AND the version of Mswebdvd.dll is less than 6.5.2600.5857 OR Microsoft MSWebDVD ActiveX Control on Windows XP SP2 x64, Server 2003 x86/x64 OS Check Microsoft Windows Server 2003 SP2 (x86) is installed AND Microsoft Windows Server 2003 SP2 (x64) is installed AND Microsoft Windows XP x64 Edition SP2 is installed AND the version of Mswebdvd.dll is less than 6.5.3790.4565 OR Microsoft MSWebDVD ActiveX Control on Server 2003 ia64 Microsoft Windows Server 2003 (ia64) SP2 is installed AND the version of Mswebdvd.dll is less than 6.5.3790.3386 OR Microsoft HtmlInput Object ActiveX Control in Windows Vista OS Check for windows Vista X86/x64 Microsoft Windows Vista (32-bit) is installed AND Microsoft Windows Vista x64 Edition is installed AND GRD/LDR version Check the version of Ehkeyctl.dll is less than 6.0.6000.16891 OR LDR version check the version of Ehkeyctl.dll is greater than or equal 6.0.6000.20000 AND the version of Ehkeyctl.dll is less than 6.0.6000.21090 OR Microsoft HtmlInput Object ActiveX Control in Windows Vista SP1 OS Check Microsoft Windows Vista (32-bit) Service Pack 1 is installed AND Microsoft Windows Vista x64 Edition Service Pack 1 is installed AND GDR/LDR version Check the version of Ehkeyctl.dll is less than 6.0.6001.18295 OR LDR version check the version of Ehkeyctl.dll is greater than or equal 6.0.6001.22000 AND the version of Ehkeyctl.dll is less than 6.0.6001.22476 OR Microsoft HtmlInput Object ActiveX Control in Windows Vista SP2 OS check Microsoft Windows Vista (32-bit) Service Pack 2 is installed AND Microsoft Windows Vista x64 Edition Service Pack 2 is installed AND GDR/LDR version check the version of Ehkeyctl.dll is less than 6.0.6002.18072 OR LDR version check the version of Ehkeyctl.dll is greater than or equal 6.0.6002.22000 AND the version of Ehkeyctl.dll is less than 6.0.6002.22181

Definition Id: oval:org.mitre.oval:def:6373

Oval ID:	oval:org.mitre.oval:def:6373
Title:	ATL Uninitialized Object Vulnerability
Description:	The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold, and Visual C++ 2005 SP1 and 2008 Gold and SP1; and Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2; does not prevent VariantClear calls on an uninitialized VARIANT, which allows remote attackers to execute arbitrary code via a malformed stream to an ATL (1) component or (2) control, related to ATL headers and error handling, aka "ATL Uninitialized Object Vulnerability."
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2009-0901	Version:	2
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003	Product(s):	Microsoft Outlook 2002 Microsoft Outlook 2003 Microsoft Outlook 2007 Microsoft Visio Viewer 2002 Microsoft Office Visio Viewer 2003 Microsoft Office Visio Viewer 2007
Definition Synopsis:
Outlook 2002 Microsoft Outlook 2002 is installed AND the version of Outllib.dll is less than 10.0.6856.0 OR Outlook 2003 Microsoft Outlook 2003 is installed AND the version of Outllib.dll is less than 11.0.8313.0 OR Outlook 2007 Microsoft Outlook 2007 is installed AND the version of Outlook.exe is less than 12.0.6514.5000 OR Microsoft Visio Viewer 2002 Microsoft Visio Viewer 2002 is installed OR Microsoft Office Visio Viewer 2003 Microsoft Office Visio Viewer 2003 is installed OR Microsoft Office Visio Viewer 2007 Microsoft Office Visio Viewer 2007 is installed AND the version of Vviewer.dll is less than 12.0.6513.5000

Definition Id: oval:org.mitre.oval:def:6311

Oval ID:	oval:org.mitre.oval:def:6311
Title:	ATL Uninitialized Object Vulnerability
Description:	The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold, and Visual C++ 2005 SP1 and 2008 Gold and SP1; and Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2; does not prevent VariantClear calls on an uninitialized VARIANT, which allows remote attackers to execute arbitrary code via a malformed stream to an ATL (1) component or (2) control, related to ATL headers and error handling, aka "ATL Uninitialized Object Vulnerability."
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2009-0901	Version:	10
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008	Product(s):	Microsoft Visual Studio .NET 2003 Microsoft Visual Studio 2005 Microsoft Visual Studio 2008 Microsoft Visual C++ 2005 Redistributable Package Microsoft Visual C++ 2008 Redistributable Package
Definition Synopsis:
Microsoft Visual Studio .NET 2003 SP1 Microsoft Visual Studio .NET 2003 SP1 is installed AND the version of Mfc71.dll is less than 7.10.6101.0 OR Microsoft Visual Studio 2005 Service Pack 1 Microsoft Visual Studio 2005 Service Pack 1 is installed AND the version of ATL80.dll is less than 8.0.50727.4053 OR Microsoft Visual Studio 2008 Microsoft Visual Studio 2008 is installed AND the version of ATL90.dll is less than 9.0.21022.218 OR Microsoft Visual Studio 2008 Service Pack 1 Microsoft Visual Studio 2008 Service Pack 1 is installed AND the version of ATL90.dll is less than 9.0.30729.4148 OR Microsoft Visual C++ 2005 Redistributable Package Microsoft Visual C++ 2005 Redistributable Package is installed AND NOT the version of %SystemRoot%\WinSxS\(x86\|amd64)_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.[0-9]{1,4}.\atl80.dll is greater than or equal 8.0.50727.4053 AND NOT the version of %SystemRoot%\winsxs\(x86\|amd64)_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.[0-9]{1,4}.\atl80.dll is greater than or equal 8.0.50727.4053 OR Microsoft Visual C++ 2008 Redistributable Package Microsoft Visual C++ 2008 Redistributable Package is installed AND NOT the version of %SystemRoot%\WinSxS\(x86\|amd64)_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.[0-9]{1,4}.\atl90.dll is greater than or equal 9.0.30729.4148 AND NOT the version of %SystemRoot%\winsxs\(x86\|amd64)_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.[0-9]{1,4}.\atl90.dll is greater than or equal 9.0.30729.4148

Definition Id: oval:org.mitre.oval:def:6289

Oval ID:	oval:org.mitre.oval:def:6289
Title:	ATL Uninitialized Object Vulnerability
Description:	The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold, and Visual C++ 2005 SP1 and 2008 Gold and SP1; and Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2; does not prevent VariantClear calls on an uninitialized VARIANT, which allows remote attackers to execute arbitrary code via a malformed stream to an ATL (1) component or (2) control, related to ATL headers and error handling, aka "ATL Uninitialized Object Vulnerability."
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2009-0901	Version:	5
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008	Product(s):	Microsoft Outlook Express Windows Media Player Windows ATL Component DHTML Editing Component ActiveX Control
Definition Synopsis:
Microsoft Outlook Express 5.5 SP2 on Windows 2000 SP4 Microsoft Windows 2000 SP4 or later is installed AND Microsoft Outlook Express 5.5 SP2 is installed. AND the version of Msoe.dll is less than 5.50.5003.1000 OR Microsoft Outlook Express 6 SP1 on Windows 2000 SP4 Microsoft Windows 2000 SP4 or later is installed AND Microsoft Outlook Express 6 SP1 is installed. AND the version of Msoe.dll is less than 6.0.2800.1983 OR Microsoft Outlook Express 6 on Windows XP SP2 x86 Microsoft Windows XP (x86) SP2 is installed AND Microsoft Outlook Express 6.0 for Windows XP/2003 is installed AND the version of Msoe.dll is less than 6.0.2900.3598 OR Microsoft Outlook Express 6 on Windows XP SP3 x86 Microsoft Windows XP (x86) SP3 is installed AND Microsoft Outlook Express 6.0 for Windows XP/2003 is installed AND the version of Msoe.dll is less than 6.0.2900.5843 OR Microsoft Outlook Express 6 on Windows XP SP2 (64-bit) Microsoft Outlook Express 6.0 for Windows XP/2003 is installed AND the version of Msoe.dll is less than 6.0.3790.4548 AND Microsoft Windows XP x64 Edition SP2 is installed OR Microsoft Outlook Express 6 on Windows Server 2003 SP2 x86 Microsoft Windows Server 2003 SP2 (x86) is installed AND Microsoft Outlook Express 6.0 for Windows XP/2003 is installed AND the version of Msoe.dll is less than 6.0.3790.4548 OR Microsoft Outlook Express 6 on Windows Server 2003 SP2 (x64-bit) Microsoft Windows Server 2003 SP2 (x64) is installed AND Microsoft Outlook Express 6.0 for Windows XP/2003 is installed AND the version of Msoe.dll is less than 6.0.3790.4548 OR Microsoft Outlook Express 6 on Windows Server 2003 SP2 (ia64) Microsoft Windows Server 2003 (ia64) SP2 is installed AND Microsoft Outlook Express 6.0 for Windows XP/2003 is installed AND the version of Msoe.dll is less than 6.0.3790.4548 OR Windows Media Player 9 on Windows 2000 SP4 Microsoft Windows 2000 SP4 or later is installed AND Windows Media Player v9 is installed. AND the version of Wmp.dll is less than 9.0.0.3364 OR Windows Media Player 9 on Windows XP SP2 x86 Microsoft Windows XP (x86) SP2 is installed AND Windows Media Player v9 is installed. AND the version of Wmp.dll is less than 9.0.0.3271 OR Windows Media Player 9 on Windows XP SP3 x86 Microsoft Windows XP (x86) SP3 is installed AND Windows Media Player v9 is installed. AND the version of Wmp.dll is less than 9.0.0.4507 OR Windows Media Player 10 on Windows XP SP2/SP3 x86 IF Microsoft Windows XP (x86) SP2 is installed AND Microsoft Windows XP (x86) SP3 is installed AND Windows Media Player v10 is installed. AND the version of Wmp.dll is less than 10.0.0.4074 OR Windows Media Player 10 on Windows XP SP2 (x64-bit) Windows Media Player v10 is installed. AND the version of Wmp.dll is less than 10.0.0.4006 AND Microsoft Windows XP x64 Edition SP2 is installed OR Windows Media Player 10 on Windows Server 2003 SP2 x86 Microsoft Windows Server 2003 SP2 (x86) is installed AND Windows Media Player v10 is installed. AND the version of Wmp.dll is less than 10.0.0.4006 OR Windows Media Player 10 on Windows Server 2003 SP2 (x64-bit) Microsoft Windows Server 2003 SP2 (x64) is installed AND Windows Media Player v10 is installed. AND the version of Wmp.dll is less than 10.0.0.4006 OR Windows Media Player 11 on Windows XP SP2/SP3 x86 IF Microsoft Windows XP (x86) SP2 is installed AND Microsoft Windows XP (x86) SP3 is installed AND Windows Media Player v11 is installed. AND the version of Wmp.dll is less than 11.0.5721.5268 OR Windows Media Player 11 on Windows XP SP2 (x64-bit) Windows Media Player v11 is installed. AND the version of Wmp.dll is less than 11.0.5721.5268 AND Microsoft Windows XP x64 Edition SP2 is installed OR Windows Media Player 11 on Windows Vista (32-bit)/(64-bit) IF Microsoft Windows Vista (32-bit) is installed AND Microsoft Windows Vista x64 Edition is installed AND the version of Spwmp.dll is greater than or equal 6.0.6000.16000 AND the version of Wmp.dll is less than 11.0.6000.6352 OR Windows Media Player 11 on Windows Vista SP1/Server 2008 (32-bit)/(64-bit)/ia64 IF Microsoft Windows Vista (32-bit) Service Pack 1 is installed AND Microsoft Windows Vista x64 Edition Service Pack 1 is installed AND Microsoft Windows Server 2008 (32-bit) is installed AND Microsoft Windows Server 2008 (64-bit) is installed AND Microsoft Windows Server 2008 (ia-64) is installed AND the version of Spwmp.dll is greater than or equal 6.0.6001.18000 AND the version of Wmp.dll is less than 11.0.6001.7007 OR Windows Media Player 11 on Windows Vista SP2/Server 2008 SP2 (32-bit)/(64-bit)/ia64 IF Microsoft Windows Vista (32-bit) Service Pack 2 is installed AND Microsoft Windows Vista x64 Edition Service Pack 2 is installed AND Microsoft Windows Server 2008 (32-bit) Service Pack 2 is installed AND Microsoft Windows Server 2008 x64 Edition Service Pack 2 is installed AND Microsoft Windows Server 2008 Itanium-Based Edition Service Pack 2 is installed AND the version of Spwmp.dll is greater than or equal 6.0.6002.18000 AND the version of Wmp.dll is less than 11.0.6002.18065 OR Windows Media Player 11 on Windows Vista (32-bit)/(64-bit) IF Microsoft Windows Vista (32-bit) is installed AND Microsoft Windows Vista x64 Edition is installed AND the version of Spwmp.dll is greater than or equal 6.0.6000.20000 AND the version of Wmp.dll is less than 11.0.6000.6511 OR Windows Media Player 11 on Windows Vista SP1/Server 2008 (32-bit)/(64-bit)/ia64 IF Microsoft Windows Vista (32-bit) Service Pack 1 is installed AND Microsoft Windows Vista x64 Edition Service Pack 1 is installed AND Microsoft Windows Server 2008 (32-bit) is installed AND Microsoft Windows Server 2008 (64-bit) is installed AND Microsoft Windows Server 2008 (ia-64) is installed AND the version of Spwmp.dll is greater than or equal 6.0.6001.22000 AND the version of Wmp.dll is less than 11.0.6001.7114 OR Windows Media Player 11 on Windows Vista SP2/Server 2008 SP2 (32-bit)/(64-bit)/ia64 IF Microsoft Windows Vista (32-bit) Service Pack 2 is installed AND Microsoft Windows Vista x64 Edition Service Pack 2 is installed AND Microsoft Windows Server 2008 (32-bit) Service Pack 2 is installed AND Microsoft Windows Server 2008 x64 Edition Service Pack 2 is installed AND Microsoft Windows Server 2008 Itanium-Based Edition Service Pack 2 is installed AND the version of Spwmp.dll is greater than or equal 6.0.6002.22000 AND the version of Wmp.dll is less than 11.0.6002.22172 OR Windows ATL Component on Windows 2000 SP4 Microsoft Windows 2000 SP4 or later is installed AND the version of atl.dll is less than 3.0.9794.0 OR Windows ATL Component on Windows XP, Server 2003, Vista, Server 2008 IF Microsoft Windows XP (x86) SP2 is installed AND Microsoft Windows XP (x86) SP3 is installed AND Microsoft Windows Server 2003 SP2 (x86) is installed AND Microsoft Windows Server 2003 SP2 (x64) is installed AND Microsoft Windows Server 2003 (ia64) SP2 is installed AND Microsoft Windows Vista (32-bit) is installed AND Microsoft Windows Vista x64 Edition is installed AND Microsoft Windows Vista (32-bit) Service Pack 1 is installed AND Microsoft Windows Vista x64 Edition Service Pack 1 is installed AND Microsoft Windows Server 2008 (32-bit) is installed AND Microsoft Windows Server 2008 (64-bit) is installed AND Microsoft Windows Server 2008 (ia-64) is installed AND Microsoft Windows Vista (32-bit) Service Pack 2 is installed AND Microsoft Windows Vista x64 Edition Service Pack 2 is installed AND Microsoft Windows Server 2008 (32-bit) Service Pack 2 is installed AND Microsoft Windows Server 2008 x64 Edition Service Pack 2 is installed AND Microsoft Windows Server 2008 Itanium-Based Edition Service Pack 2 is installed AND Microsoft Windows XP x64 Edition SP2 is installed AND the version of atl.dll is less than 3.5.2284.2 OR DHTML Editing Component ActiveX Control on Windows 2000 SP4 Microsoft Windows 2000 SP4 or later is installed AND the version of dhtmled.ocx is less than 6.1.0.9234 OR DHTML Editing Component ActiveX Control on Windows XP or Server 2003 x86 IF Microsoft Windows XP (x86) SP2 is installed AND Microsoft Windows XP (x86) SP3 is installed AND Microsoft Windows Server 2003 SP2 (x86) is installed AND the version of dhtmled.ocx is less than 6.1.0.9247 OR DHTML Editing Component ActiveX Control on Windows XP or Server 2003 64-bit IF Microsoft Windows Server 2003 SP2 (x64) is installed AND Microsoft Windows Server 2003 (ia64) SP2 is installed AND Microsoft Windows XP x64 Edition SP2 is installed AND the version of wdhtmled.ocx is less than 6.1.0.9247 OR Microsoft MSWebDVD ActiveX Control on Windows XP SP2 x86 Microsoft Windows XP (x86) SP2 is installed AND the version of Mswebdvd.dll is less than 6.5.2600.3610 OR Microsoft MSWebDVD ActiveX Control on Windows XP SP3 x86 Microsoft Windows XP (x86) SP3 is installed AND the version of Mswebdvd.dll is less than 6.5.2600.5857 OR Microsoft MSWebDVD ActiveX Control on Windows XP SP2 x64, Server 2003 x86/x64 IF Microsoft Windows Server 2003 SP2 (x86) is installed AND Microsoft Windows Server 2003 SP2 (x64) is installed AND Microsoft Windows XP x64 Edition SP2 is installed AND the version of Mswebdvd.dll is less than 6.5.3790.4565 OR Microsoft MSWebDVD ActiveX Control on Server 2003 ia64 Microsoft Windows Server 2003 (ia64) SP2 is installed AND the version of Mswebdvd.dll is less than 6.5.3790.3386

Definition Id: oval:org.mitre.oval:def:6393

Oval ID:	oval:org.mitre.oval:def:6393
Title:	Remote Unauthenticated Denial of Service in ASP.NET Vulnerability
Description:	ASP.NET in Microsoft .NET Framework 2.0 SP1 and SP2 and 3.5 Gold and SP1, when ASP 2.0 is used in integrated mode on IIS 7.0, does not properly manage request scheduling, which allows remote attackers to cause a denial of service (daemon outage) via a series of crafted HTTP requests, aka "Remote Unauthenticated Denial of Service in ASP.NET Vulnerability."
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2009-1536	Version:	1
Platform(s):	Microsoft Windows Vista Microsoft Windows Server 2008	Product(s):	Microsoft .NET Framework
Definition Synopsis:
Microsoft .NET Framework 2.0 Service Pack 1 IF Microsoft Windows Vista (32-bit) is installed AND Microsoft Windows Vista x64 Edition is installed AND Microsoft .NET Framework 2.0 (Original RTM or later) is installed AND System.web.dll version is less than 2.0.50727.1871 OR Microsoft .NET Framework 2.0 Service Pack 2 IF Microsoft Windows Vista (32-bit) is installed AND Microsoft Windows Vista x64 Edition is installed AND Microsoft .NET Framework 2.0 (Original RTM or later) is installed AND System.web.dll version is less than 2.0.50727.4049 OR Microsoft .NET Framework 2.0 Service Pack 1 IF Microsoft Windows Vista (32-bit) Service Pack 1 is installed AND Microsoft Windows Vista x64 Edition Service Pack 1 is installed AND Microsoft Windows Server 2008 (32-bit) is installed AND Microsoft Windows Server 2008 x64 Edition is installed AND Microsoft Windows Server 2008 Itanium-Based Edition is installed AND Microsoft .NET Framework 2.0 (Original RTM or later) is installed AND System.web.dll version is less than 2.0.50727.1871

Definition Id: oval:org.mitre.oval:def:6716

Oval ID:	oval:org.mitre.oval:def:6716
Title:	ATL COM Initialization Vulnerability
Description:	The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold and SP1, and Visual C++ 2005 SP1 and 2008 Gold and SP1; and Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2; does not properly restrict use of OleLoadFromStream in instantiating objects from data streams, which allows remote attackers to execute arbitrary code via a crafted HTML document with an ATL (1) component or (2) control, related to ATL headers and bypassing security policies, aka "ATL COM Initialization Vulnerability."
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2009-2493	Version:	23
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2	Product(s):	Microsoft Outlook 2002 Microsoft Outlook 2003 Microsoft Outlook 2007 Microsoft Visio Viewer 2002 Microsoft Office Visio Viewer 2003 Microsoft Office Visio Viewer 2007 Microsoft Internet Explorer Microsoft Visual Studio .NET 2003 Microsoft Visual Studio 2005 Microsoft Visual Studio 2008 Microsoft Visual C++ 2005 Redistributable Package Microsoft Visual C++ 2008 Redistributable Package Microsoft Outlook Express Windows Media Player Windows ATL Component DHTML Editing Component ActiveX Control HtmlInput Object ActiveX Control
Definition Synopsis:
Internet Explorer 5.01 on Windows 2000 SP4 Microsoft Windows 2000 SP4 or later is installed AND Microsoft Internet Explorer 5.01 SP4 is installed AND Mshtml.dll version is less than 5.0.3882.2700 OR Check for vulnerable Internet Explorer 6 Microsoft Internet Explorer 6 is installed AND Check for vulnerable OS Check for vulnerable Windows 2000 SP4 Microsoft Windows 2000 SP4 or later is installed AND Mshtml.dll version is less than 6.0.2800.1642 OR Check for vulnerable Windows XP (x86) SP2 Microsoft Windows XP (x86) SP2 is installed AND Mshtml.dll version is less than 6.0.2900.3640 OR Check for vulnerable Windows XP (x86) SP3 Microsoft Windows XP (x86) SP3 is installed AND Mshtml.dll version is less than 6.0.2900.5897 OR Check for vulnerable OS Check for vulnerable Windows XP x64 SP2/Windows Server 2003 SP2 (x86)/(x64)/(ia64) Microsoft Windows XP x64 Edition SP2 is installed AND Microsoft Windows Server 2003 SP2 (x86) is installed AND Microsoft Windows Server 2003 SP2 (x64) is installed AND Microsoft Windows Server 2003 (ia64) SP2 is installed AND Mshtml.dll version is less than 6.0.3790.4611 OR Outlook 2002 Microsoft Outlook 2002 is installed AND the version of Outllib.dll is less than 10.0.6856.0 OR Outlook 2003 Microsoft Outlook 2003 is installed AND the version of Outllib.dll is less than 11.0.8313.0 OR Outlook 2007 Microsoft Outlook 2007 is installed AND the version of Outlook.exe is less than 12.0.6514.5000 OR Microsoft Visio Viewer 2002 Microsoft Visio Viewer 2002 is installed OR Microsoft Office Visio Viewer 2003 Microsoft Office Visio Viewer 2003 is installed OR Microsoft Office Visio Viewer 2007 Microsoft Office Visio Viewer 2007 is installed AND the version of Vviewer.dll is less than 12.0.6513.5000 OR Microsoft Windows OS and Vulnerable ActiveX OS Check Microsoft Windows 2000 SP4 or later is installed AND Microsoft Windows XP (x86) SP2 is installed AND Microsoft Windows XP (x86) SP3 is installed AND Microsoft Windows XP x64 Edition SP2 is installed AND Microsoft Windows Server 2003 SP2 (x64) is installed AND Microsoft Windows Server 2003 SP2 (x86) is installed AND Microsoft Windows Server 2003 (ia64) SP2 is installed AND Microsoft Windows Vista (32-bit) is installed AND Microsoft Windows Vista x64 Edition is installed AND Microsoft Windows Vista (32-bit) Service Pack 1 is installed AND Microsoft Windows Vista x64 Edition Service Pack 1 is installed AND Microsoft Windows Server 2008 (32-bit) is installed AND Microsoft Windows Server 2008 (64-bit) is installed AND Microsoft Windows Server 2008 (ia-64) is installed AND Microsoft Windows Vista (32-bit) Service Pack 2 is installed AND Microsoft Windows Vista x64 Edition Service Pack 2 is installed AND Microsoft Windows Server 2008 (32-bit) Service Pack 2 is installed AND Microsoft Windows Server 2008 x64 Edition Service Pack 2 is installed AND Microsoft Windows Server 2008 Itanium-Based Edition Service Pack 2 is installed AND Microsoft Windows 7 (32-bit) is installed AND Microsoft Windows 7 x64 Edition is installed AND Microsoft Windows Server 2008 R2 x64 Edition is installed AND Microsoft Windows Server 2008 R2 Itanium-Based Edition is installed AND Vulnerable ActiveX HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{0002E531-0000-0000-C000-000000000046}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{0002E531-0000-0000-C000-000000000046}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{4C85388F-1500-11D1-A0DF-00C04FC9E20F}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{4C85388F-1500-11D1-A0DF-00C04FC9E20F}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{0002E532-0000-0000-C000-000000000046}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{0002E532-0000-0000-C000-000000000046}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{0002E554-0000-0000-C000-000000000046}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{0002E554-0000-0000-C000-000000000046}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{0002E55C-0000-0000-C000-000000000046}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{0002E55C-0000-0000-C000-000000000046}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{279D6C9A-652E-4833-BEFC-312CA8887857}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{279D6C9A-652E-4833-BEFC-312CA8887857}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{B1F78FEF-3DB7-4C56-AF2B-5DCCC7C42331}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{B1F78FEF-3DB7-4C56-AF2B-5DCCC7C42331}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{C832BE8F-4B89-4579-A217-DB92E7A27915}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{C832BE8F-4B89-4579-A217-DB92E7A27915}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{A9A7297E-969C-43F1-A1EF-51EBEA36F850}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{A9A7297E-969C-43F1-A1EF-51EBEA36F850}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{DD8C2179-1B4A-4951-B432-5DE3D1507142}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{DD8C2179-1B4A-4951-B432-5DE3D1507142}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{4F1E5B1A-2A80-42ca-8532-2D05CB959537}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{4F1E5B1A-2A80-42ca-8532-2D05CB959537}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{27A3D328-D206-4106-8D33-1AA39B13394B}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{27A3D328-D206-4106-8D33-1AA39B13394B}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{DB640C86-731C-484A-AAAF-750656C9187D}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{DB640C86-731C-484A-AAAF-750656C9187D}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{15721a53-8448-4731-8bfc-ed11e128e444}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{15721a53-8448-4731-8bfc-ed11e128e444}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{3267123E-530D-4E73-9DA7-79F01D86A89F}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{3267123E-530D-4E73-9DA7-79F01D86A89F}!Compatibility Flags is not equal to 0x00000400 OR Microsoft Visual Studio .NET 2003 SP1 Microsoft Visual Studio .NET 2003 SP1 is installed AND the version of Mfc71.dll is less than 7.10.6101.0 OR Microsoft Visual Studio 2005 SP1 Microsoft Visual Studio 2005 Service Pack 1 is installed AND the version of ATL80.dll is less than 8.0.50727.4053 OR Microsoft Visual Studio 2008 Microsoft Visual Studio 2008 is installed AND the version of ATL90.dll is less than 9.0.21022.218 OR Microsoft Visual Studio 2008 SP1 Microsoft Visual Studio 2008 Service Pack 1 is installed AND the version of ATL90.dll is less than 9.0.30729.4148 OR Microsoft Visual C++ 2005 Redistributable Package Microsoft Visual C++ 2005 Redistributable Package is installed AND NOT the version of %SystemRoot%\WinSxS\(x86\|amd64)_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.[0-9]{1,4}.\atl80.dll is greater than or equal 8.0.50727.4053 AND NOT the version of %SystemRoot%\winsxs\(x86\|amd64)_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.[0-9]{1,4}.\atl80.dll is greater than or equal 8.0.50727.4053 OR Microsoft Visual C++ 2008 Redistributable Package Microsoft Visual C++ 2008 Redistributable Package is installed AND NOT the version of %SystemRoot%\WinSxS\(x86\|amd64)_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.[0-9]{1,4}.\atl90.dll is greater than or equal 9.0.30729.4148 AND NOT the version of %SystemRoot%\winsxs\(x86\|amd64)_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.[0-9]{1,4}.\atl90.dll is greater than or equal 9.0.30729.4148 OR Microsoft Outlook Express 5.5 SP2 on Windows 2000 SP4 Microsoft Windows 2000 SP4 or later is installed AND Microsoft Outlook Express 5.5 SP2 is installed. AND the version of Msoe.dll is less than 5.50.5003.1000 OR Microsoft Outlook Express 6 SP1 on Windows 2000 SP4 Microsoft Windows 2000 SP4 or later is installed AND Microsoft Outlook Express 6 SP1 is installed. AND the version of Msoe.dll is less than 6.0.2800.1983 OR Microsoft Outlook Express 6 on Windows XP SP2 x86 Microsoft Outlook Express 6.0 for Windows XP/2003 is installed AND Check for affected platforms with vulnerable file Check for Windows XP SP2 x86 Microsoft Windows XP (x86) SP2 is installed AND the version of Msoe.dll is less than 6.0.2900.3598 OR Check for Windows XP SP3 x86 Microsoft Windows XP (x86) SP3 is installed AND the version of Msoe.dll is less than 6.0.2900.5843 OR Check for Windows XP SP2 (64-bit) and 2003 x86/x64/ia64 OS Check Microsoft Windows Server 2003 SP2 (x86) is installed AND Microsoft Windows Server 2003 SP2 (x64) is installed AND Microsoft Windows Server 2003 (ia64) SP2 is installed AND Microsoft Windows XP x64 Edition SP2 is installed AND the version of Msoe.dll is less than 6.0.3790.4548 OR Windows Media Player 9 on Windows 2000 SP4 (KB973540) Microsoft Windows 2000 SP4 or later is installed AND Windows Media Player v9 is installed. AND file checks the version of Wmp.dll is less than 9.0.0.3364 AND Wmpdxm.dll version is less than 9.0.0.3364 OR Windows Media Player 9 on Windows XP SP2 x86 (KB973540) Microsoft Windows XP (x86) SP2 is installed AND Windows Media Player v9 is installed. AND file checks the version of Wmp.dll is less than 9.0.0.3364 AND Wmpdxm.dll version is less than 9.0.0.3364 OR Windows Media Player 9 on Windows XP SP3 x86 (KB973540) Microsoft Windows XP (x86) SP3 is installed AND Windows Media Player v9 is installed. AND file checks the version of Wmp.dll is less than 9.0.0.4507 AND Wmpdxm.dll version is less than 9.0.0.4507 OR Windows Media Player 10 on Windows XP SP2/SP3 x86/x64, Server 2003 SP2 x86/x64 (KB973540) Windows Media Player v10 is installed. AND Check for affected platforms with vulnerable file Check for Windows XP SP2/SP3 OS check Microsoft Windows XP (x86) SP2 is installed AND Microsoft Windows XP (x86) SP3 is installed AND file checks the version of Wmp.dll is less than 10.0.0.4074 AND Wmpdxm.dll version is less than 10.0.0.4074 OR Check for Windows XP x64 SP2, Windows Server 2003 x64 SP2 OS Check Microsoft Windows Server 2003 SP2 (x64) is installed AND Microsoft Windows XP x64 Edition SP2 is installed AND file checks the version of Wwmp.dll is less than 10.0.0.4006 AND Wwmpdxm.dll version is less than 10.0.0.4006 OR Check for Windows Server 2003 SP2 x86 Microsoft Windows Server 2003 SP2 (x86) is installed AND file checks the version of Wmp.dll is less than 10.0.0.4006 AND Wmpdxm.dll version is less than 10.0.0.4006 OR Windows Media Player 11 on Windows XP x86 SP2/SP3, XP x64 SP2 (KB973540) OS Check Microsoft Windows XP (x86) SP2 is installed AND Microsoft Windows XP (x86) SP3 is installed AND Microsoft Windows XP x64 Edition SP2 is installed AND Windows Media Player v11 is installed. AND file checks the version of Wmp.dll is less than 11.0.5721.5268 AND Wmpdxm.dll version is less than 11.0.5721.5268 OR Windows Media Player 11 on Windows Vista 32-bit/64-bit RTM (KB973540) OS Check Microsoft Windows Vista (32-bit) is installed AND Microsoft Windows Vista x64 Edition is installed AND Windows Media Player v11 is installed. AND GDR/LDR version check the version of Wmp.dll is less than 11.0.6000.6352 AND Wmpdxm.dll version is less than 11.0.6000.6352 OR LDR version check the version of Spwmp.dll is greater than or equal 6.0.6000.20000 AND file checks the version of Wmp.dll is less than 11.0.6000.6511 AND Wmpdxm.dll version is less than 11.0.6000.6511 OR Windows Media Player 11 on Windows Vista 32/64-bit SP1, Server 2008 32/64-bit (KB973540) OS Check Microsoft Windows Vista (32-bit) Service Pack 1 is installed AND Microsoft Windows Vista x64 Edition Service Pack 1 is installed AND Microsoft Windows Server 2008 (32-bit) is installed AND Microsoft Windows Server 2008 (64-bit) is installed AND Windows Media Player v11 is installed. AND GDR/LDR version check the version of Wmp.dll is less than 11.0.6001.7007 AND Wmpdxm.dll version is less than 11.0.6001.7007 OR LDR version check the version of Spwmp.dll is greater than or equal 6.0.6001.22000 AND file checks the version of Wmp.dll is less than 11.0.6001.7114 AND Wmpdxm.dll version is less than 11.0.6001.7114 OR Windows Media Player 11 on Windows Vista 32/64-bit SP2, Server 2008 32/64-bit SP2 (KB973540) OS Check Microsoft Windows Vista (32-bit) Service Pack 2 is installed AND Microsoft Windows Vista x64 Edition Service Pack 2 is installed AND Microsoft Windows Server 2008 (32-bit) Service Pack 2 is installed AND Microsoft Windows Server 2008 x64 Edition Service Pack 2 is installed AND Windows Media Player v11 is installed. AND GDR/LDR version check the version of Wmp.dll is less than 11.0.6002.18065 AND Wmpdxm.dll version is less than 11.0.6002.18065 OR LDR version check the version of Spwmp.dll is greater than or equal 6.0.6002.22000 AND file checks the version of Wmp.dll is less than 11.0.6002.22172 AND Wmpdxm.dll version is less than 11.0.6002.22172 OR Windows ATL Component on Windows 2000 SP4 Microsoft Windows 2000 SP4 or later is installed AND the version of atl.dll is less than 3.0.9794.0 OR Windows ATL Component on Windows XP, Server 2003, Vista, Server 2008 OS Check Microsoft Windows XP (x86) SP2 is installed AND Microsoft Windows XP (x86) SP3 is installed AND Microsoft Windows Server 2003 SP2 (x86) is installed AND Microsoft Windows Server 2003 SP2 (x64) is installed AND Microsoft Windows Server 2003 (ia64) SP2 is installed AND Microsoft Windows Vista (32-bit) is installed AND Microsoft Windows Vista x64 Edition is installed AND Microsoft Windows Vista (32-bit) Service Pack 1 is installed AND Microsoft Windows Vista x64 Edition Service Pack 1 is installed AND Microsoft Windows Server 2008 (32-bit) is installed AND Microsoft Windows Server 2008 (64-bit) is installed AND Microsoft Windows Server 2008 (ia-64) is installed AND Microsoft Windows Vista (32-bit) Service Pack 2 is installed AND Microsoft Windows Vista x64 Edition Service Pack 2 is installed AND Microsoft Windows Server 2008 (32-bit) Service Pack 2 is installed AND Microsoft Windows Server 2008 x64 Edition Service Pack 2 is installed AND Microsoft Windows Server 2008 Itanium-Based Edition Service Pack 2 is installed AND Microsoft Windows XP x64 Edition SP2 is installed AND the version of atl.dll is less than 3.5.2284.2 OR DHTML Editing Component ActiveX Control on Windows 2000 SP4 Microsoft Windows 2000 SP4 or later is installed AND the version of dhtmled.ocx is less than 6.1.0.9234 OR DHTML Editing Component ActiveX Control on Windows XP or Server 2003 x86 OS Check Microsoft Windows XP (x86) SP2 is installed AND Microsoft Windows XP (x86) SP3 is installed AND Microsoft Windows Server 2003 SP2 (x86) is installed AND the version of dhtmled.ocx is less than 6.1.0.9247 OR DHTML Editing Component ActiveX Control on Windows XP or Server 2003 64-bit OS Check Microsoft Windows Server 2003 SP2 (x64) is installed AND Microsoft Windows Server 2003 (ia64) SP2 is installed AND Microsoft Windows XP x64 Edition SP2 is installed AND the version of wdhtmled.ocx is less than 6.1.0.9247 OR Microsoft MSWebDVD ActiveX Control on Windows XP SP2 x86 Microsoft Windows XP (x86) SP2 is installed AND the version of Mswebdvd.dll is less than 6.5.2600.3610 OR Microsoft MSWebDVD ActiveX Control on Windows XP SP3 x86 Microsoft Windows XP (x86) SP3 is installed AND the version of Mswebdvd.dll is less than 6.5.2600.5857 OR Microsoft MSWebDVD ActiveX Control on Windows XP SP2 x64, Server 2003 x86/x64 OS Check Microsoft Windows Server 2003 SP2 (x86) is installed AND Microsoft Windows Server 2003 SP2 (x64) is installed AND Microsoft Windows XP x64 Edition SP2 is installed AND the version of Mswebdvd.dll is less than 6.5.3790.4565 OR Microsoft MSWebDVD ActiveX Control on Server 2003 ia64 Microsoft Windows Server 2003 (ia64) SP2 is installed AND the version of Mswebdvd.dll is less than 6.5.3790.3386 OR Microsoft HtmlInput Object ActiveX Control in Windows Vista OS Check for windows Vista X86/x64 Microsoft Windows Vista (32-bit) is installed AND Microsoft Windows Vista x64 Edition is installed AND GRD/LDR version Check the version of Ehkeyctl.dll is less than 6.0.6000.16891 OR LDR version check the version of Ehkeyctl.dll is greater than or equal 6.0.6000.20000 AND the version of Ehkeyctl.dll is less than 6.0.6000.21090 OR Microsoft HtmlInput Object ActiveX Control in Windows Vista SP1 OS Check Microsoft Windows Vista (32-bit) Service Pack 1 is installed AND Microsoft Windows Vista x64 Edition Service Pack 1 is installed AND GDR/LDR version Check the version of Ehkeyctl.dll is less than 6.0.6001.18295 OR LDR version check the version of Ehkeyctl.dll is greater than or equal 6.0.6001.22000 AND the version of Ehkeyctl.dll is less than 6.0.6001.22476 OR Microsoft HtmlInput Object ActiveX Control in Windows Vista SP2 OS check Microsoft Windows Vista (32-bit) Service Pack 2 is installed AND Microsoft Windows Vista x64 Edition Service Pack 2 is installed AND GDR/LDR version check the version of Ehkeyctl.dll is less than 6.0.6002.18072 OR LDR version check the version of Ehkeyctl.dll is greater than or equal 6.0.6002.22000 AND the version of Ehkeyctl.dll is less than 6.0.6002.22181

Definition Id: oval:org.mitre.oval:def:6621

Oval ID:	oval:org.mitre.oval:def:6621
Title:	ATL COM Initialization Vulnerability (CVE-2009-2493)
Description:	The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold and SP1, and Visual C++ 2005 SP1 and 2008 Gold and SP1; and Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2; does not properly restrict use of OleLoadFromStream in instantiating objects from data streams, which allows remote attackers to execute arbitrary code via a crafted HTML document with an ATL (1) component or (2) control, related to ATL headers and bypassing security policies, aka "ATL COM Initialization Vulnerability."
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2009-2493	Version:	1
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003	Product(s):	Microsoft Internet Explorer
Definition Synopsis:
IF Microsoft Windows 2000 SP4 or later is installed AND Microsoft Internet Explorer 5.01 SP4 is installed AND Mshtml.dll version is less than 5.0.3882.2700 OR Microsoft Windows 2000 SP4 or later is installed AND Microsoft Internet Explorer 6 is installed AND Mshtml.dll version is less than 6.0.2800.1642 OR Microsoft Windows XP (x86) SP2 is installed AND Microsoft Internet Explorer 6 is installed AND Mshtml.dll version is less than 6.0.2900.3640 OR Microsoft Windows XP (x86) SP3 is installed AND Microsoft Internet Explorer 6 is installed AND Mshtml.dll version is less than 6.0.2900.5897 OR IF Microsoft Windows XP x64 Edition SP2 is installed AND Microsoft Windows Server 2003 SP2 (x86) is installed AND Microsoft Windows Server 2003 SP2 (x64) is installed AND Microsoft Windows Server 2003 (ia64) SP2 is installed AND Microsoft Internet Explorer 6 is installed AND Mshtml.dll version is less than 6.0.3790.4611

Definition Id: oval:org.mitre.oval:def:6473

Oval ID:	oval:org.mitre.oval:def:6473
Title:	ATL COM Initialization Vulnerability
Description:	The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold and SP1, and Visual C++ 2005 SP1 and 2008 Gold and SP1; and Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2; does not properly restrict use of OleLoadFromStream in instantiating objects from data streams, which allows remote attackers to execute arbitrary code via a crafted HTML document with an ATL (1) component or (2) control, related to ATL headers and bypassing security policies, aka "ATL COM Initialization Vulnerability."
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2009-2493	Version:	2
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003	Product(s):	Microsoft Outlook 2002 Microsoft Outlook 2003 Microsoft Outlook 2007 Microsoft Visio Viewer 2002 Microsoft Office Visio Viewer 2003 Microsoft Office Visio Viewer 2007
Definition Synopsis:
Outlook 2002 Microsoft Outlook 2002 is installed AND the version of Outllib.dll is less than 10.0.6856.0 OR Outlook 2003 Microsoft Outlook 2003 is installed AND the version of Outllib.dll is less than 11.0.8313.0 OR Outlook 2007 Microsoft Outlook 2007 is installed AND the version of Outlook.exe is less than 12.0.6514.5000 OR Microsoft Visio Viewer 2002 Microsoft Visio Viewer 2002 is installed OR Microsoft Office Visio Viewer 2003 Microsoft Office Visio Viewer 2003 is installed OR Microsoft Office Visio Viewer 2007 Microsoft Office Visio Viewer 2007 is installed AND the version of Vviewer.dll is less than 12.0.6513.5000

Definition Id: oval:org.mitre.oval:def:6421

Oval ID:	oval:org.mitre.oval:def:6421
Title:	ATL COM Initialization Vulnerability
Description:	The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold and SP1, and Visual C++ 2005 SP1 and 2008 Gold and SP1; and Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2; does not properly restrict use of OleLoadFromStream in instantiating objects from data streams, which allows remote attackers to execute arbitrary code via a crafted HTML document with an ATL (1) component or (2) control, related to ATL headers and bypassing security policies, aka "ATL COM Initialization Vulnerability."
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2009-2493	Version:	2
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2	Product(s):
Definition Synopsis:
IF Microsoft Windows 2000 SP4 or later is installed AND Microsoft Windows XP (x86) SP2 is installed AND Microsoft Windows XP (x86) SP3 is installed AND Microsoft Windows XP x64 Edition SP2 is installed AND Microsoft Windows Server 2003 SP2 (x64) is installed AND Microsoft Windows Server 2003 SP2 (x86) is installed AND Microsoft Windows Server 2003 (ia64) SP2 is installed AND Microsoft Windows Vista (32-bit) is installed AND Microsoft Windows Vista x64 Edition is installed AND Microsoft Windows Vista (32-bit) Service Pack 1 is installed AND Microsoft Windows Vista x64 Edition Service Pack 1 is installed AND Microsoft Windows Server 2008 (32-bit) is installed AND Microsoft Windows Server 2008 (64-bit) is installed AND Microsoft Windows Server 2008 (ia-64) is installed AND Microsoft Windows Vista (32-bit) Service Pack 2 is installed AND Microsoft Windows Vista x64 Edition Service Pack 2 is installed AND Microsoft Windows Server 2008 (32-bit) Service Pack 2 is installed AND Microsoft Windows Server 2008 x64 Edition Service Pack 2 is installed AND Microsoft Windows Server 2008 Itanium-Based Edition Service Pack 2 is installed AND Microsoft Windows 7 (32-bit) is installed AND Microsoft Windows 7 x64 Edition is installed AND Microsoft Windows Server 2008 R2 x64 Edition is installed AND Microsoft Windows Server 2008 R2 Itanium-Based Edition is installed AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{0002E531-0000-0000-C000-000000000046}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{0002E531-0000-0000-C000-000000000046}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{4C85388F-1500-11D1-A0DF-00C04FC9E20F}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{4C85388F-1500-11D1-A0DF-00C04FC9E20F}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{0002E532-0000-0000-C000-000000000046}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{0002E532-0000-0000-C000-000000000046}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{0002E554-0000-0000-C000-000000000046}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{0002E554-0000-0000-C000-000000000046}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{0002E55C-0000-0000-C000-000000000046}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{0002E55C-0000-0000-C000-000000000046}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{279D6C9A-652E-4833-BEFC-312CA8887857}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{279D6C9A-652E-4833-BEFC-312CA8887857}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{B1F78FEF-3DB7-4C56-AF2B-5DCCC7C42331}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{B1F78FEF-3DB7-4C56-AF2B-5DCCC7C42331}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{C832BE8F-4B89-4579-A217-DB92E7A27915}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{C832BE8F-4B89-4579-A217-DB92E7A27915}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{A9A7297E-969C-43F1-A1EF-51EBEA36F850}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{A9A7297E-969C-43F1-A1EF-51EBEA36F850}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{DD8C2179-1B4A-4951-B432-5DE3D1507142}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{DD8C2179-1B4A-4951-B432-5DE3D1507142}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{4F1E5B1A-2A80-42ca-8532-2D05CB959537}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{4F1E5B1A-2A80-42ca-8532-2D05CB959537}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{27A3D328-D206-4106-8D33-1AA39B13394B}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{27A3D328-D206-4106-8D33-1AA39B13394B}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{DB640C86-731C-484A-AAAF-750656C9187D}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{DB640C86-731C-484A-AAAF-750656C9187D}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{15721a53-8448-4731-8bfc-ed11e128e444}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{15721a53-8448-4731-8bfc-ed11e128e444}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{3267123E-530D-4E73-9DA7-79F01D86A89F}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{3267123E-530D-4E73-9DA7-79F01D86A89F}!Compatibility Flags is not equal to 0x00000400

Definition Id: oval:org.mitre.oval:def:6304

Oval ID:	oval:org.mitre.oval:def:6304
Title:	ATL COM Initialization Vulnerability
Description:	The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold and SP1, and Visual C++ 2005 SP1 and 2008 Gold and SP1; and Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2; does not properly restrict use of OleLoadFromStream in instantiating objects from data streams, which allows remote attackers to execute arbitrary code via a crafted HTML document with an ATL (1) component or (2) control, related to ATL headers and bypassing security policies, aka "ATL COM Initialization Vulnerability."
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2009-2493	Version:	10
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008	Product(s):	Microsoft Visual Studio .NET 2003 Microsoft Visual Studio 2005 Microsoft Visual Studio 2008 Microsoft Visual C++ 2005 Redistributable Package Microsoft Visual C++ 2008 Redistributable Package
Definition Synopsis:
Microsoft Visual Studio .NET 2003 SP1 Microsoft Visual Studio .NET 2003 SP1 is installed AND the version of Mfc71.dll is less than 7.10.6101.0 OR Microsoft Visual Studio 2005 Service Pack 1 Microsoft Visual Studio 2005 Service Pack 1 is installed AND the version of ATL80.dll is less than 8.0.50727.4053 OR Microsoft Visual Studio 2008 Microsoft Visual Studio 2008 is installed AND the version of ATL90.dll is less than 9.0.21022.218 OR Microsoft Visual Studio 2008 Service Pack 1 Microsoft Visual Studio 2008 Service Pack 1 is installed AND the version of ATL90.dll is less than 9.0.30729.4148 OR Microsoft Visual C++ 2005 Redistributable Package Microsoft Visual C++ 2005 Redistributable Package is installed AND NOT the version of %SystemRoot%\WinSxS\(x86\|amd64)_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.[0-9]{1,4}.\atl80.dll is greater than or equal 8.0.50727.4053 AND NOT the version of %SystemRoot%\winsxs\(x86\|amd64)_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.[0-9]{1,4}.\atl80.dll is greater than or equal 8.0.50727.4053 OR Microsoft Visual C++ 2008 Redistributable Package Microsoft Visual C++ 2008 Redistributable Package is installed AND NOT the version of %SystemRoot%\WinSxS\(x86\|amd64)_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.[0-9]{1,4}.\atl90.dll is greater than or equal 9.0.30729.4148 AND NOT the version of %SystemRoot%\winsxs\(x86\|amd64)_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.[0-9]{1,4}.\atl90.dll is greater than or equal 9.0.30729.4148

Definition Id: oval:org.mitre.oval:def:6245

Oval ID:	oval:org.mitre.oval:def:6245
Title:	ATL COM Initialization Vulnerability
Description:	The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold and SP1, and Visual C++ 2005 SP1 and 2008 Gold and SP1; and Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2; does not properly restrict use of OleLoadFromStream in instantiating objects from data streams, which allows remote attackers to execute arbitrary code via a crafted HTML document with an ATL (1) component or (2) control, related to ATL headers and bypassing security policies, aka "ATL COM Initialization Vulnerability."
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2009-2493	Version:	5
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008	Product(s):	Microsoft Outlook Express Windows Media Player Windows ATL Component DHTML Editing Component ActiveX Control
Definition Synopsis:
Microsoft Outlook Express 5.5 SP2 on Windows 2000 SP4 Microsoft Windows 2000 SP4 or later is installed AND Microsoft Outlook Express 5.5 SP2 is installed. AND the version of Msoe.dll is less than 5.50.5003.1000 OR Microsoft Outlook Express 6 SP1 on Windows 2000 SP4 Microsoft Windows 2000 SP4 or later is installed AND Microsoft Outlook Express 6 SP1 is installed. AND the version of Msoe.dll is less than 6.0.2800.1983 OR Microsoft Outlook Express 6 on Windows XP SP2 x86 Microsoft Windows XP (x86) SP2 is installed AND Microsoft Outlook Express 6.0 for Windows XP/2003 is installed AND the version of Msoe.dll is less than 6.0.2900.3598 OR Microsoft Outlook Express 6 on Windows XP SP3 x86 Microsoft Windows XP (x86) SP3 is installed AND Microsoft Outlook Express 6.0 for Windows XP/2003 is installed AND the version of Msoe.dll is less than 6.0.2900.5843 OR Microsoft Outlook Express 6 on Windows XP SP2 (64-bit) Microsoft Outlook Express 6.0 for Windows XP/2003 is installed AND the version of Msoe.dll is less than 6.0.3790.4548 AND Microsoft Windows XP x64 Edition SP2 is installed OR Microsoft Outlook Express 6 on Windows Server 2003 SP2 x86 Microsoft Windows Server 2003 SP2 (x86) is installed AND Microsoft Outlook Express 6.0 for Windows XP/2003 is installed AND the version of Msoe.dll is less than 6.0.3790.4548 OR Microsoft Outlook Express 6 on Windows Server 2003 SP2 (x64-bit) Microsoft Windows Server 2003 SP2 (x64) is installed AND Microsoft Outlook Express 6.0 for Windows XP/2003 is installed AND the version of Msoe.dll is less than 6.0.3790.4548 OR Microsoft Outlook Express 6 on Windows Server 2003 SP2 (ia64) Microsoft Windows Server 2003 (ia64) SP2 is installed AND Microsoft Outlook Express 6.0 for Windows XP/2003 is installed AND the version of Msoe.dll is less than 6.0.3790.4548 OR Windows Media Player 9 on Windows 2000 SP4 Microsoft Windows 2000 SP4 or later is installed AND Windows Media Player v9 is installed. AND the version of Wmp.dll is less than 9.0.0.3364 OR Windows Media Player 9 on Windows XP SP2 x86 Microsoft Windows XP (x86) SP2 is installed AND Windows Media Player v9 is installed. AND the version of Wmp.dll is less than 9.0.0.3271 OR Windows Media Player 9 on Windows XP SP3 x86 Microsoft Windows XP (x86) SP3 is installed AND Windows Media Player v9 is installed. AND the version of Wmp.dll is less than 9.0.0.4507 OR Windows Media Player 10 on Windows XP SP2/SP3 x86 IF Microsoft Windows XP (x86) SP2 is installed AND Microsoft Windows XP (x86) SP3 is installed AND Windows Media Player v10 is installed. AND the version of Wmp.dll is less than 10.0.0.4074 OR Windows Media Player 10 on Windows XP SP2 (x64-bit) Windows Media Player v10 is installed. AND the version of Wmp.dll is less than 10.0.0.4006 AND Microsoft Windows XP x64 Edition SP2 is installed OR Windows Media Player 10 on Windows Server 2003 SP2 x86 Microsoft Windows Server 2003 SP2 (x86) is installed AND Windows Media Player v10 is installed. AND the version of Wmp.dll is less than 10.0.0.4006 OR Windows Media Player 10 on Windows Server 2003 SP2 (x64-bit) Microsoft Windows Server 2003 SP2 (x64) is installed AND Windows Media Player v10 is installed. AND the version of Wmp.dll is less than 10.0.0.4006 OR Windows Media Player 11 on Windows XP SP2/SP3 x86 IF Microsoft Windows XP (x86) SP2 is installed AND Microsoft Windows XP (x86) SP3 is installed AND Windows Media Player v11 is installed. AND the version of Wmp.dll is less than 11.0.5721.5268 OR Windows Media Player 11 on Windows XP SP2 (x64-bit) Windows Media Player v11 is installed. AND the version of Wmp.dll is less than 11.0.5721.5268 AND Microsoft Windows XP x64 Edition SP2 is installed OR Windows Media Player 11 on Windows Vista (32-bit)/(64-bit) IF Microsoft Windows Vista (32-bit) is installed AND Microsoft Windows Vista x64 Edition is installed AND the version of Spwmp.dll is greater than or equal 6.0.6000.16000 AND the version of Wmp.dll is less than 11.0.6000.6352 OR Windows Media Player 11 on Windows Vista SP1/Server 2008 (32-bit)/(64-bit)/ia64 IF Microsoft Windows Vista (32-bit) Service Pack 1 is installed AND Microsoft Windows Vista x64 Edition Service Pack 1 is installed AND Microsoft Windows Server 2008 (32-bit) is installed AND Microsoft Windows Server 2008 (64-bit) is installed AND Microsoft Windows Server 2008 (ia-64) is installed AND the version of Spwmp.dll is greater than or equal 6.0.6001.18000 AND the version of Wmp.dll is less than 11.0.6001.7007 OR Windows Media Player 11 on Windows Vista SP2/Server 2008 SP2 (32-bit)/(64-bit)/ia64 IF Microsoft Windows Vista (32-bit) Service Pack 2 is installed AND Microsoft Windows Vista x64 Edition Service Pack 2 is installed AND Microsoft Windows Server 2008 (32-bit) Service Pack 2 is installed AND Microsoft Windows Server 2008 x64 Edition Service Pack 2 is installed AND Microsoft Windows Server 2008 Itanium-Based Edition Service Pack 2 is installed AND the version of Spwmp.dll is greater than or equal 6.0.6002.18000 AND the version of Wmp.dll is less than 11.0.6002.18065 OR Windows Media Player 11 on Windows Vista (32-bit)/(64-bit) IF Microsoft Windows Vista (32-bit) is installed AND Microsoft Windows Vista x64 Edition is installed AND the version of Spwmp.dll is greater than or equal 6.0.6000.20000 AND the version of Wmp.dll is less than 11.0.6000.6511 OR Windows Media Player 11 on Windows Vista SP1/Server 2008 (32-bit)/(64-bit)/ia64 IF Microsoft Windows Vista (32-bit) Service Pack 1 is installed AND Microsoft Windows Vista x64 Edition Service Pack 1 is installed AND Microsoft Windows Server 2008 (32-bit) is installed AND Microsoft Windows Server 2008 (64-bit) is installed AND Microsoft Windows Server 2008 (ia-64) is installed AND the version of Spwmp.dll is greater than or equal 6.0.6001.22000 AND the version of Wmp.dll is less than 11.0.6001.7114 OR Windows Media Player 11 on Windows Vista SP2/Server 2008 SP2 (32-bit)/(64-bit)/ia64 IF Microsoft Windows Vista (32-bit) Service Pack 2 is installed AND Microsoft Windows Vista x64 Edition Service Pack 2 is installed AND Microsoft Windows Server 2008 (32-bit) Service Pack 2 is installed AND Microsoft Windows Server 2008 x64 Edition Service Pack 2 is installed AND Microsoft Windows Server 2008 Itanium-Based Edition Service Pack 2 is installed AND the version of Spwmp.dll is greater than or equal 6.0.6002.22000 AND the version of Wmp.dll is less than 11.0.6002.22172 OR Windows ATL Component on Windows 2000 SP4 Microsoft Windows 2000 SP4 or later is installed AND the version of atl.dll is less than 3.0.9794.0 OR Windows ATL Component on Windows XP, Server 2003, Vista, Server 2008 IF Microsoft Windows XP (x86) SP2 is installed AND Microsoft Windows XP (x86) SP3 is installed AND Microsoft Windows Server 2003 SP2 (x86) is installed AND Microsoft Windows Server 2003 SP2 (x64) is installed AND Microsoft Windows Server 2003 (ia64) SP2 is installed AND Microsoft Windows Vista (32-bit) is installed AND Microsoft Windows Vista x64 Edition is installed AND Microsoft Windows Vista (32-bit) Service Pack 1 is installed AND Microsoft Windows Vista x64 Edition Service Pack 1 is installed AND Microsoft Windows Server 2008 (32-bit) is installed AND Microsoft Windows Server 2008 (64-bit) is installed AND Microsoft Windows Server 2008 (ia-64) is installed AND Microsoft Windows Vista (32-bit) Service Pack 2 is installed AND Microsoft Windows Vista x64 Edition Service Pack 2 is installed AND Microsoft Windows Server 2008 (32-bit) Service Pack 2 is installed AND Microsoft Windows Server 2008 x64 Edition Service Pack 2 is installed AND Microsoft Windows Server 2008 Itanium-Based Edition Service Pack 2 is installed AND Microsoft Windows XP x64 Edition SP2 is installed AND the version of atl.dll is less than 3.5.2284.2 OR DHTML Editing Component ActiveX Control on Windows 2000 SP4 Microsoft Windows 2000 SP4 or later is installed AND the version of dhtmled.ocx is less than 6.1.0.9234 OR DHTML Editing Component ActiveX Control on Windows XP or Server 2003 x86 IF Microsoft Windows XP (x86) SP2 is installed AND Microsoft Windows XP (x86) SP3 is installed AND Microsoft Windows Server 2003 SP2 (x86) is installed AND the version of dhtmled.ocx is less than 6.1.0.9247 OR DHTML Editing Component ActiveX Control on Windows XP or Server 2003 64-bit IF Microsoft Windows Server 2003 SP2 (x64) is installed AND Microsoft Windows Server 2003 (ia64) SP2 is installed AND Microsoft Windows XP x64 Edition SP2 is installed AND the version of wdhtmled.ocx is less than 6.1.0.9247 OR Microsoft MSWebDVD ActiveX Control on Windows XP SP2 x86 Microsoft Windows XP (x86) SP2 is installed AND the version of Mswebdvd.dll is less than 6.5.2600.3610 OR Microsoft MSWebDVD ActiveX Control on Windows XP SP3 x86 Microsoft Windows XP (x86) SP3 is installed AND the version of Mswebdvd.dll is less than 6.5.2600.5857 OR Microsoft MSWebDVD ActiveX Control on Windows XP SP2 x64, Server 2003 x86/x64 IF Microsoft Windows Server 2003 SP2 (x86) is installed AND Microsoft Windows Server 2003 SP2 (x64) is installed AND Microsoft Windows XP x64 Edition SP2 is installed AND the version of Mswebdvd.dll is less than 6.5.3790.4565 OR Microsoft MSWebDVD ActiveX Control on Server 2003 ia64 Microsoft Windows Server 2003 (ia64) SP2 is installed AND the version of Mswebdvd.dll is less than 6.5.3790.3386

Definition Id: oval:org.mitre.oval:def:5708

Oval ID:	oval:org.mitre.oval:def:5708
Title:	ATL Object Type Mismatch Vulnerability
Description:	The Active Template Library (ATL) in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows remote attackers to execute arbitrary code via vectors related to erroneous free operations after reading a variant from a stream and deleting this variant, aka "ATL Object Type Mismatch Vulnerability."
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2009-2494	Version:	9
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008	Product(s):	Microsoft Outlook Express Windows Media Player Windows ATL Component DHTML Editing Component ActiveX Control HtmlInput Object ActiveX Control
Definition Synopsis:
Microsoft Outlook Express 5.5 SP2 on Windows 2000 SP4 Microsoft Windows 2000 SP4 or later is installed AND Microsoft Outlook Express 5.5 SP2 is installed. AND the version of Msoe.dll is less than 5.50.5003.1000 OR Microsoft Outlook Express 6 SP1 on Windows 2000 SP4 Microsoft Windows 2000 SP4 or later is installed AND Microsoft Outlook Express 6 SP1 is installed. AND the version of Msoe.dll is less than 6.0.2800.1983 OR Microsoft Outlook Express 6 on Windows XP SP2 x86 Microsoft Outlook Express 6.0 for Windows XP/2003 is installed AND Check for affected platforms with vulnerable file Check for Windows XP SP2 x86 Microsoft Windows XP (x86) SP2 is installed AND the version of Msoe.dll is less than 6.0.2900.3598 OR Check for Windows XP SP3 x86 Microsoft Windows XP (x86) SP3 is installed AND the version of Msoe.dll is less than 6.0.2900.5843 OR Check for Windows XP SP2 (64-bit) and 2003 x86/x64/ia64 OS Check Microsoft Windows Server 2003 SP2 (x86) is installed AND Microsoft Windows Server 2003 SP2 (x64) is installed AND Microsoft Windows Server 2003 (ia64) SP2 is installed AND Microsoft Windows XP x64 Edition SP2 is installed AND the version of Msoe.dll is less than 6.0.3790.4548 OR Windows Media Player 9 on Windows 2000 SP4 (KB973540) Microsoft Windows 2000 SP4 or later is installed AND Windows Media Player v9 is installed. AND file checks the version of Wmp.dll is less than 9.0.0.3364 AND Wmpdxm.dll version is less than 9.0.0.3364 OR Windows Media Player 9 on Windows XP SP2 x86 (KB973540) Microsoft Windows XP (x86) SP2 is installed AND Windows Media Player v9 is installed. AND file checks the version of Wmp.dll is less than 9.0.0.3364 AND Wmpdxm.dll version is less than 9.0.0.3364 OR Windows Media Player 9 on Windows XP SP3 x86 (KB973540) Microsoft Windows XP (x86) SP3 is installed AND Windows Media Player v9 is installed. AND file checks the version of Wmp.dll is less than 9.0.0.4507 AND Wmpdxm.dll version is less than 9.0.0.4507 OR Windows Media Player 10 on Windows XP SP2/SP3 x86/x64, Server 2003 SP2 x86/x64 (KB973540) Windows Media Player v10 is installed. AND Check for affected platforms with vulnerable file Check for Windows XP SP2/SP3 OS check Microsoft Windows XP (x86) SP2 is installed AND Microsoft Windows XP (x86) SP3 is installed AND file checks the version of Wmp.dll is less than 10.0.0.4074 AND Wmpdxm.dll version is less than 10.0.0.4074 OR Check for Windows XP x64 SP2, Windows Server 2003 x64 SP2 OS Check Microsoft Windows Server 2003 SP2 (x64) is installed AND Microsoft Windows XP x64 Edition SP2 is installed AND file checks the version of Wwmp.dll is less than 10.0.0.4006 AND Wwmpdxm.dll version is less than 10.0.0.4006 OR Check for Windows Server 2003 SP2 x86 Microsoft Windows Server 2003 SP2 (x86) is installed AND file checks the version of Wmp.dll is less than 10.0.0.4006 AND Wmpdxm.dll version is less than 10.0.0.4006 OR Windows Media Player 11 on Windows XP x86 SP2/SP3, XP x64 SP2 (KB973540) OS Check Microsoft Windows XP (x86) SP2 is installed AND Microsoft Windows XP (x86) SP3 is installed AND Microsoft Windows XP x64 Edition SP2 is installed AND Windows Media Player v11 is installed. AND file checks the version of Wmp.dll is less than 11.0.5721.5268 AND Wmpdxm.dll version is less than 11.0.5721.5268 OR Windows Media Player 11 on Windows Vista 32-bit/64-bit RTM (KB973540) OS Check Microsoft Windows Vista (32-bit) is installed AND Microsoft Windows Vista x64 Edition is installed AND Windows Media Player v11 is installed. AND GDR/LDR version check the version of Wmp.dll is less than 11.0.6000.6352 AND Wmpdxm.dll version is less than 11.0.6000.6352 OR LDR version check the version of Spwmp.dll is greater than or equal 6.0.6000.20000 AND file checks the version of Wmp.dll is less than 11.0.6000.6511 AND Wmpdxm.dll version is less than 11.0.6000.6511 OR Windows Media Player 11 on Windows Vista 32/64-bit SP1, Server 2008 32/64-bit (KB973540) OS Check Microsoft Windows Vista (32-bit) Service Pack 1 is installed AND Microsoft Windows Vista x64 Edition Service Pack 1 is installed AND Microsoft Windows Server 2008 (32-bit) is installed AND Microsoft Windows Server 2008 (64-bit) is installed AND Windows Media Player v11 is installed. AND GDR/LDR version check the version of Wmp.dll is less than 11.0.6001.7007 AND Wmpdxm.dll version is less than 11.0.6001.7007 OR LDR version check the version of Spwmp.dll is greater than or equal 6.0.6001.22000 AND file checks the version of Wmp.dll is less than 11.0.6001.7114 AND Wmpdxm.dll version is less than 11.0.6001.7114 OR Windows Media Player 11 on Windows Vista 32/64-bit SP2, Server 2008 32/64-bit SP2 (KB973540) OS Check Microsoft Windows Vista (32-bit) Service Pack 2 is installed AND Microsoft Windows Vista x64 Edition Service Pack 2 is installed AND Microsoft Windows Server 2008 (32-bit) Service Pack 2 is installed AND Microsoft Windows Server 2008 x64 Edition Service Pack 2 is installed AND Windows Media Player v11 is installed. AND GDR/LDR version check the version of Wmp.dll is less than 11.0.6002.18065 AND Wmpdxm.dll version is less than 11.0.6002.18065 OR LDR version check the version of Spwmp.dll is greater than or equal 6.0.6002.22000 AND file checks the version of Wmp.dll is less than 11.0.6002.22172 AND Wmpdxm.dll version is less than 11.0.6002.22172 OR Windows ATL Component on Windows 2000 SP4 Microsoft Windows 2000 SP4 or later is installed AND the version of atl.dll is less than 3.0.9794.0 OR Windows ATL Component on Windows XP, Server 2003, Vista, Server 2008 OS Check Microsoft Windows XP (x86) SP2 is installed AND Microsoft Windows XP (x86) SP3 is installed AND Microsoft Windows Server 2003 SP2 (x86) is installed AND Microsoft Windows Server 2003 SP2 (x64) is installed AND Microsoft Windows Server 2003 (ia64) SP2 is installed AND Microsoft Windows Vista (32-bit) is installed AND Microsoft Windows Vista x64 Edition is installed AND Microsoft Windows Vista (32-bit) Service Pack 1 is installed AND Microsoft Windows Vista x64 Edition Service Pack 1 is installed AND Microsoft Windows Server 2008 (32-bit) is installed AND Microsoft Windows Server 2008 (64-bit) is installed AND Microsoft Windows Server 2008 (ia-64) is installed AND Microsoft Windows Vista (32-bit) Service Pack 2 is installed AND Microsoft Windows Vista x64 Edition Service Pack 2 is installed AND Microsoft Windows Server 2008 (32-bit) Service Pack 2 is installed AND Microsoft Windows Server 2008 x64 Edition Service Pack 2 is installed AND Microsoft Windows Server 2008 Itanium-Based Edition Service Pack 2 is installed AND Microsoft Windows XP x64 Edition SP2 is installed AND the version of atl.dll is less than 3.5.2284.2 OR DHTML Editing Component ActiveX Control on Windows 2000 SP4 Microsoft Windows 2000 SP4 or later is installed AND the version of dhtmled.ocx is less than 6.1.0.9234 OR DHTML Editing Component ActiveX Control on Windows XP or Server 2003 x86 OS Check Microsoft Windows XP (x86) SP2 is installed AND Microsoft Windows XP (x86) SP3 is installed AND Microsoft Windows Server 2003 SP2 (x86) is installed AND the version of dhtmled.ocx is less than 6.1.0.9247 OR DHTML Editing Component ActiveX Control on Windows XP or Server 2003 64-bit OS Check Microsoft Windows Server 2003 SP2 (x64) is installed AND Microsoft Windows Server 2003 (ia64) SP2 is installed AND Microsoft Windows XP x64 Edition SP2 is installed AND the version of wdhtmled.ocx is less than 6.1.0.9247 OR Microsoft MSWebDVD ActiveX Control on Windows XP SP2 x86 Microsoft Windows XP (x86) SP2 is installed AND the version of Mswebdvd.dll is less than 6.5.2600.3610 OR Microsoft MSWebDVD ActiveX Control on Windows XP SP3 x86 Microsoft Windows XP (x86) SP3 is installed AND the version of Mswebdvd.dll is less than 6.5.2600.5857 OR Microsoft MSWebDVD ActiveX Control on Windows XP SP2 x64, Server 2003 x86/x64 OS Check Microsoft Windows Server 2003 SP2 (x86) is installed AND Microsoft Windows Server 2003 SP2 (x64) is installed AND Microsoft Windows XP x64 Edition SP2 is installed AND the version of Mswebdvd.dll is less than 6.5.3790.4565 OR Microsoft MSWebDVD ActiveX Control on Server 2003 ia64 Microsoft Windows Server 2003 (ia64) SP2 is installed AND the version of Mswebdvd.dll is less than 6.5.3790.3386 OR Microsoft HtmlInput Object ActiveX Control in Windows Vista OS Check for windows Vista X86/x64 Microsoft Windows Vista (32-bit) is installed AND Microsoft Windows Vista x64 Edition is installed AND GRD/LDR version Check the version of Ehkeyctl.dll is less than 6.0.6000.16891 OR LDR version check the version of Ehkeyctl.dll is greater than or equal 6.0.6000.20000 AND the version of Ehkeyctl.dll is less than 6.0.6000.21090 OR Microsoft HtmlInput Object ActiveX Control in Windows Vista SP1 OS Check Microsoft Windows Vista (32-bit) Service Pack 1 is installed AND Microsoft Windows Vista x64 Edition Service Pack 1 is installed AND GDR/LDR version Check the version of Ehkeyctl.dll is less than 6.0.6001.18295 OR LDR version check the version of Ehkeyctl.dll is greater than or equal 6.0.6001.22000 AND the version of Ehkeyctl.dll is less than 6.0.6001.22476 OR Microsoft HtmlInput Object ActiveX Control in Windows Vista SP2 OS check Microsoft Windows Vista (32-bit) Service Pack 2 is installed AND Microsoft Windows Vista x64 Edition Service Pack 2 is installed AND GDR/LDR version check the version of Ehkeyctl.dll is less than 6.0.6002.18072 OR LDR version check the version of Ehkeyctl.dll is greater than or equal 6.0.6002.22000 AND the version of Ehkeyctl.dll is less than 6.0.6002.22181

Definition Id: oval:org.mitre.oval:def:7573

Oval ID:	oval:org.mitre.oval:def:7573
Title:	ATL Null String Vulnerability
Description:	The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold and SP1, and Visual C++ 2005 SP1 and 2008 Gold and SP1 does not properly enforce string termination, which allows remote attackers to obtain sensitive information via a crafted HTML document with an ATL (1) component or (2) control that triggers a buffer over-read, related to ATL headers and buffer allocation, aka "ATL Null String Vulnerability."
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2009-2495	Version:	15
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008	Product(s):	Microsoft Outlook 2002 Microsoft Outlook 2003 Microsoft Outlook 2007 Microsoft Visio Viewer 2002 Microsoft Office Visio Viewer 2003 Microsoft Office Visio Viewer 2007 Microsoft Visual Studio .NET 2003 Microsoft Visual Studio 2005 Microsoft Visual Studio 2008 Microsoft Visual C++ 2005 Redistributable Package Microsoft Visual C++ 2008 Redistributable Package
Definition Synopsis:
Outlook 2002 Microsoft Outlook 2002 is installed AND the version of Outllib.dll is less than 10.0.6856.0 OR Outlook 2003 Microsoft Outlook 2003 is installed AND the version of Outllib.dll is less than 11.0.8313.0 OR Outlook 2007 Microsoft Outlook 2007 is installed AND the version of Outlook.exe is less than 12.0.6514.5000 OR Microsoft Visio Viewer 2002 Microsoft Visio Viewer 2002 is installed OR Microsoft Office Visio Viewer 2003 Microsoft Office Visio Viewer 2003 is installed OR Microsoft Office Visio Viewer 2007 Microsoft Office Visio Viewer 2007 is installed AND the version of Vviewer.dll is less than 12.0.6513.5000 OR Microsoft Visual Studio .NET 2003 SP1 Microsoft Visual Studio .NET 2003 SP1 is installed AND the version of Mfc71.dll is less than 7.10.6101.0 OR Microsoft Visual Studio 2005 Service Pack 1 Microsoft Visual Studio 2005 Service Pack 1 is installed AND the version of ATL80.dll is less than 8.0.50727.4053 OR Microsoft Visual Studio 2008 Microsoft Visual Studio 2008 is installed AND the version of ATL90.dll is less than 9.0.21022.218 OR Microsoft Visual Studio 2008 Service Pack 1 Microsoft Visual Studio 2008 Service Pack 1 is installed AND the version of ATL90.dll is less than 9.0.30729.4148 OR Microsoft Visual C++ 2005 Redistributable Package Microsoft Visual C++ 2005 Redistributable Package is installed AND NOT the version of %SystemRoot%\WinSxS\(x86\|amd64)_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.[0-9]{1,4}.\atl80.dll is greater than or equal 8.0.50727.4053 AND NOT the version of %SystemRoot%\winsxs\(x86\|amd64)_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.[0-9]{1,4}.\atl80.dll is greater than or equal 8.0.50727.4053 OR Microsoft Visual C++ 2008 Redistributable Package Microsoft Visual C++ 2008 Redistributable Package is installed AND NOT the version of %SystemRoot%\WinSxS\(x86\|amd64)_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.[0-9]{1,4}.\atl90.dll is greater than or equal 9.0.30729.4148 AND NOT the version of %SystemRoot%\winsxs\(x86\|amd64)_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.[0-9]{1,4}.\atl90.dll is greater than or equal 9.0.30729.4148

Definition Id: oval:org.mitre.oval:def:6478

Oval ID:	oval:org.mitre.oval:def:6478
Title:	ATL Null String Vulnerability
Description:	The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold and SP1, and Visual C++ 2005 SP1 and 2008 Gold and SP1 does not properly enforce string termination, which allows remote attackers to obtain sensitive information via a crafted HTML document with an ATL (1) component or (2) control that triggers a buffer over-read, related to ATL headers and buffer allocation, aka "ATL Null String Vulnerability."
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2009-2495	Version:	3
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003	Product(s):	Microsoft Outlook 2002 Microsoft Outlook 2003 Microsoft Outlook 2007 Microsoft Visio Viewer 2002 Microsoft Office Visio Viewer 2003 Microsoft Office Visio Viewer 2007
Definition Synopsis:
Outlook 2002 Microsoft Outlook 2002 is installed AND the version of Outllib.dll is less than 10.0.6856.0 OR Outlook 2003 Microsoft Outlook 2003 is installed AND the version of Outllib.dll is less than 11.0.8313.0 OR Outlook 2007 Microsoft Outlook 2007 is installed AND the version of Outlook.exe is less than 12.0.6514.5000 OR Microsoft Visio Viewer 2002 Microsoft Visio Viewer 2002 is installed OR Microsoft Office Visio Viewer 2003 Microsoft Office Visio Viewer 2003 is installed OR Microsoft Office Visio Viewer 2007 Microsoft Office Visio Viewer 2007 is installed AND the version of Vviewer.dll is less than 12.0.6513.5000

Definition Id: oval:org.mitre.oval:def:6305

Oval ID:	oval:org.mitre.oval:def:6305
Title:	ATL Null String Vulnerability
Description:	The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold and SP1, and Visual C++ 2005 SP1 and 2008 Gold and SP1 does not properly enforce string termination, which allows remote attackers to obtain sensitive information via a crafted HTML document with an ATL (1) component or (2) control that triggers a buffer over-read, related to ATL headers and buffer allocation, aka "ATL Null String Vulnerability."
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2009-2495	Version:	12
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008	Product(s):	Microsoft Visual Studio .NET 2003 Microsoft Visual Studio 2005 Microsoft Visual Studio 2008 Microsoft Visual C++ 2005 Redistributable Package Microsoft Visual C++ 2008 Redistributable Package
Definition Synopsis:
Microsoft Visual Studio .NET 2003 SP1 Microsoft Visual Studio .NET 2003 SP1 is installed AND the version of Mfc71.dll is less than 7.10.6101.0 OR Microsoft Visual Studio 2005 Service Pack 1 Microsoft Visual Studio 2005 Service Pack 1 is installed AND the version of ATL80.dll is less than 8.0.50727.4053 OR Microsoft Visual Studio 2008 Microsoft Visual Studio 2008 is installed AND the version of ATL90.dll is less than 9.0.21022.218 OR Microsoft Visual Studio 2008 Service Pack 1 Microsoft Visual Studio 2008 Service Pack 1 is installed AND the version of ATL90.dll is less than 9.0.30729.4148 OR Microsoft Visual C++ 2005 Redistributable Package Microsoft Visual C++ 2005 Redistributable Package is installed AND NOT the version of %SystemRoot%\WinSxS\(x86\|amd64)_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.[0-9]{1,4}.\atl80.dll is greater than or equal 8.0.50727.4053 AND NOT the version of %SystemRoot%\winsxs\(x86\|amd64)_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.[0-9]{1,4}.\atl80.dll is greater than or equal 8.0.50727.4053 OR Microsoft Visual C++ 2008 Redistributable Package Microsoft Visual C++ 2008 Redistributable Package is installed AND NOT the version of %SystemRoot%\WinSxS\(x86\|amd64)_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.[0-9]{1,4}.\atl90.dll is greater than or equal 9.0.30729.4148 AND NOT the version of %SystemRoot%\winsxs\(x86\|amd64)_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.[0-9]{1,4}.\atl90.dll is greater than or equal 9.0.30729.4148

CPE : Common Platform Enumeration

Type	Description	Count
Application	Microsoft Visual C++ cpe:/a:microsoft:visual_c++:2008:redistribution_pkg cpe:/a:microsoft:visual_c++:2008:sp1_redistribution_pkg cpe:/a:microsoft:visual_c++:2005:sp1_redistribution_pkg	3
Application	Microsoft Visual Studio cpe:/a:microsoft:visual_studio:2008:sp1 cpe:/a:microsoft:visual_studio:2008 cpe:/a:microsoft:visual_studio:2005:sp1 cpe:/a:microsoft:visual_studio:2005:sp1:64_bit_hosted_visual_c++_tools	4
Application	Microsoft Visual Studio .Net cpe:/a:microsoft:visual_studio_.net:2003:sp1	1
Os	Microsoft Windows 2000 cpe:/o:microsoft:windows_2000:-:sp4	1
Os	Microsoft Windows 2003 Server cpe:/o:microsoft:windows_2003_server:-:sp2:itanium cpe:/o:microsoft:windows_2003_server:-:sp2 cpe:/o:microsoft:windows_2003_server:-:sp2:x64	3
Os	Microsoft Windows Server cpe:/o:microsoft:windows_server:2008:-:x32 cpe:/o:microsoft:windows_server:2008:::itanium cpe:/o:microsoft:windows_server:2008:-:x64	3
Os	Microsoft Windows Server 2003 cpe:/o:microsoft:windows_server_2003::sp2:itanium cpe:/o:microsoft:windows_server_2003::sp2:x64 cpe:/o:microsoft:windows_server_2003::sp2	3
Os	Microsoft Windows Server 2008 cpe:/o:microsoft:windows_server_2008:-:sp2:itanium cpe:/o:microsoft:windows_server_2008:-:sp2:x32 cpe:/o:microsoft:windows_server_2008:-:-:x64 cpe:/o:microsoft:windows_server_2008:-:-:x32 cpe:/o:microsoft:windows_server_2008:-:sp2:x64 cpe:/o:microsoft:windows_server_2008:::itanium	6
Os	Microsoft Windows Vista cpe:/o:microsoft:windows_vista:-:sp1 cpe:/o:microsoft:windows_vista:-:sp2 cpe:/o:microsoft:windows_vista:-:-:x64 cpe:/o:microsoft:windows_vista cpe:/o:microsoft:windows_vista::sp2:x64 cpe:/o:microsoft:windows_vista::sp1:x64	6
Os	Microsoft Windows Xp cpe:/o:microsoft:windows_xp:-:sp2:x64 cpe:/o:microsoft:windows_xp:-:sp2 cpe:/o:microsoft:windows_xp:-:sp3 cpe:/o:microsoft:windows_xp::sp2:professional_x64	4

SAINT Exploits

Description	Link
Microsoft DirectShow Video Streaming ActiveX IMPEG2TuneRequest Overflow	More info here
Visual Studio Active Template Library uninitialized object	More info here
Visual Studio Active Template Library object type mismatch vulnerability	More info here

Open Source Vulnerability Database (OSVDB)

id	Description
56910	Microsoft Visual Studio Active Template Library (ATL) Header Mismatch Remote ...
56905	Microsoft .NET Framework Request Scheduling Crafted HTTP Request Remote DoS
56699	Microsoft Visual Studio Active Template Library (ATL) String Manipulation Arb...
56698	Microsoft Visual Studio Active Template Library (ATL) Data Stream Object Inst...
56696	Microsoft Visual Studio Active Template Library (ATL) Headers VariantClear Co...
56272	Microsoft Video ActiveX (msvidctl.dll) Unspecified Remote Arbitrary Code Exec...
55651	Microsoft DirectShow Video Streaming ActiveX (msvidctl.dll) IMPEG2TuneRequest...

Metasploit Database

id	Description
2009-07-05	Microsoft DirectShow (msvidctl.dll) MPEG-2 Memory Corruption

Alert History

If you want to see full details history, please login or register.

Date	Informations
2013-05-11 00:49:30	Multiple Updates

Type	Count
Oval ID(s)	19
CPE ID(s)	34
Saint Exploit(s)	3
osvdb(s)	7
Metasploit Exploit(s)	1

Related	Severity
TA09-223A	(Critical)
MS11-703	(Critical)
MS09-037	(Critical)
MS09-034	(Critical)
MS07-012	(Critical)
CVE-2009-2494	(Critical)
VU#456745	(Critical)
TA09-209A	(Critical)
SUN-264648	(Critical)
MS11-025	(Critical)
MS10-083	(Critical)
MS10-036	(Critical)
MS09-072	(Critical)
MS09-060	(Critical)
MS09-055	(Critical)
KB973882	(Critical)
HPSBMA02488 SSR...	(Critical)
CVE-2009-2493	(Critical)
CVE-2009-0901	(Critical)
CVE-2008-0020	(Critical)
CVE-2008-0015	(Critical)
CVE-2009-2495	(High)
CVE-2009-1536	(Low)
cisco-sa-200907...	(N/A)