Executive Summary

Summary
TitleVulnerabilities in Visual Studio Active Template Library Could Allow Remote Code Execution (969706)
Informations
NameMS09-035First vendor Publication2009-07-28
VendorMicrosoftLast vendor Modification2011-07-27
Severity (Vendor) ModerateRevision3.1

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Cvss Base Score10Attack RangeNetwork
Cvss Impact Score10Attack ComplexityLow
Cvss Expoit Score10AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

Revision Note: V3.1 (July 27, 2011): Corrected the update verification information for Microsoft Visual C++ 2005 Service Pack 1 Redistributable Package, Microsoft Visual C++ 2008 Redistributable Package, and Microsoft Visual C++ 2008 Service Pack 1 Redistributable Package. Removed the registry key information in favor of product codes. This is an informational change only.Summary: This security update addresses several privately reported vulnerabilities in the public versions of the Microsoft Active Template Library (ATL) included with Visual Studio. This security update is specifically intended for developers of components and controls. Developers who build and redistribute components and controls using ATL should install the update provided in this bulletin and follow the guidance provided to create, and distribute to their customers, components and controls that are not vulnerable to the vulnerabilities described in this security bulletin.

Original Source

Url : http://www.microsoft.com/technet/security/bulletin/MS09-035.mspx

CWE : Common Weakness Enumeration

idName
CWE-94Failure to Control Generation of Code ('Code Injection')
CWE-264Permissions, Privileges, and Access Controls
CWE-200Information Exposure
CWE-119Failure to Constrain Operations within the Bounds of a Memory Buffer
CWE-20Improper Input Validation

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:7436
 
Oval ID: oval:org.mitre.oval:def:7436
Title: Microsoft Video ActiveX Control Vulnerability
Description: Stack-based buffer overflow in the CComVariant::ReadFromStream function in the Active Template Library (ATL), as used in the MPEG2TuneRequest ActiveX control in msvidctl.dll in DirectShow, in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows remote attackers to execute arbitrary code via a crafted web page, as exploited in the wild in July 2009, aka "Microsoft Video ActiveX Control Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2008-0015
Version: 16
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows Server 2008
Product(s): Microsoft Outlook Express
Windows Media Player
Windows ATL Component
DHTML Editing Component ActiveX Control
HtmlInput Object ActiveX Control
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6363
 
Oval ID: oval:org.mitre.oval:def:6363
Title: Microsoft Video ActiveX Control Vulnerability
Description: Stack-based buffer overflow in the CComVariant::ReadFromStream function in the Active Template Library (ATL), as used in the MPEG2TuneRequest ActiveX control in msvidctl.dll in DirectShow, in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows remote attackers to execute arbitrary code via a crafted web page, as exploited in the wild in July 2009, aka "Microsoft Video ActiveX Control Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2008-0015
Version: 8
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows Server 2008
Product(s): Microsoft Outlook Express
Windows Media Player
Windows ATL Component
DHTML Editing Component ActiveX Control
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6333
 
Oval ID: oval:org.mitre.oval:def:6333
Title: Microsoft Video ActiveX Control Vulnerability
Description: Stack-based buffer overflow in the CComVariant::ReadFromStream function in the Active Template Library (ATL), as used in the MPEG2TuneRequest ActiveX control in msvidctl.dll in DirectShow, in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows remote attackers to execute arbitrary code via a crafted web page, as exploited in the wild in July 2009, aka "Microsoft Video ActiveX Control Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2008-0015
Version: 3
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows Server 2008
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:5850
 
Oval ID: oval:org.mitre.oval:def:5850
Title: ATL Header Memcopy Vulnerability
Description: Unspecified vulnerability in the Load method in the IPersistStreamInit interface in the Active Template Library (ATL), as used in the Microsoft Video ActiveX control in msvidctl.dll in DirectShow, in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows remote attackers to execute arbitrary code via unknown vectors that trigger memory corruption, aka "ATL Header Memcopy Vulnerability," a different vulnerability than CVE-2008-0015.
Family: windows Class: vulnerability
Reference(s): CVE-2008-0020
Version: 16
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows Server 2008
Product(s): Microsoft Outlook Express
Windows Media Player
Windows ATL Component
DHTML Editing Component ActiveX Control
HtmlInput Object ActiveX Control
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:7581
 
Oval ID: oval:org.mitre.oval:def:7581
Title: ATL Uninitialized Object Vulnerability
Description: The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold, and Visual C++ 2005 SP1 and 2008 Gold and SP1; and Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2; does not prevent VariantClear calls on an uninitialized VARIANT, which allows remote attackers to execute arbitrary code via a malformed stream to an ATL (1) component or (2) control, related to ATL headers and error handling, aka "ATL Uninitialized Object Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2009-0901
Version: 32
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows Server 2008
Product(s): Microsoft Outlook 2002
Microsoft Outlook 2003
Microsoft Outlook 2007
Microsoft Visio Viewer 2002
Microsoft Office Visio Viewer 2003
Microsoft Office Visio Viewer 2007
Microsoft Visual Studio .NET 2003
Microsoft Visual Studio 2005
Microsoft Visual Studio 2008
Microsoft Visual C++ 2005 Redistributable Package
Microsoft Visual C++ 2008 Redistributable Package
Microsoft Outlook Express
Windows Media Player
Windows ATL Component
DHTML Editing Component ActiveX Control
HtmlInput Object ActiveX Control
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6373
 
Oval ID: oval:org.mitre.oval:def:6373
Title: ATL Uninitialized Object Vulnerability
Description: The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold, and Visual C++ 2005 SP1 and 2008 Gold and SP1; and Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2; does not prevent VariantClear calls on an uninitialized VARIANT, which allows remote attackers to execute arbitrary code via a malformed stream to an ATL (1) component or (2) control, related to ATL headers and error handling, aka "ATL Uninitialized Object Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2009-0901
Version: 2
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Product(s): Microsoft Outlook 2002
Microsoft Outlook 2003
Microsoft Outlook 2007
Microsoft Visio Viewer 2002
Microsoft Office Visio Viewer 2003
Microsoft Office Visio Viewer 2007
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6311
 
Oval ID: oval:org.mitre.oval:def:6311
Title: ATL Uninitialized Object Vulnerability
Description: The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold, and Visual C++ 2005 SP1 and 2008 Gold and SP1; and Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2; does not prevent VariantClear calls on an uninitialized VARIANT, which allows remote attackers to execute arbitrary code via a malformed stream to an ATL (1) component or (2) control, related to ATL headers and error handling, aka "ATL Uninitialized Object Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2009-0901
Version: 13
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows Server 2008
Product(s): Microsoft Visual Studio .NET 2003
Microsoft Visual Studio 2005
Microsoft Visual Studio 2008
Microsoft Visual C++ 2005 Redistributable Package
Microsoft Visual C++ 2008 Redistributable Package
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6289
 
Oval ID: oval:org.mitre.oval:def:6289
Title: ATL Uninitialized Object Vulnerability
Description: The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold, and Visual C++ 2005 SP1 and 2008 Gold and SP1; and Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2; does not prevent VariantClear calls on an uninitialized VARIANT, which allows remote attackers to execute arbitrary code via a malformed stream to an ATL (1) component or (2) control, related to ATL headers and error handling, aka "ATL Uninitialized Object Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2009-0901
Version: 8
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows Server 2008
Product(s): Microsoft Outlook Express
Windows Media Player
Windows ATL Component
DHTML Editing Component ActiveX Control
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6393
 
Oval ID: oval:org.mitre.oval:def:6393
Title: Remote Unauthenticated Denial of Service in ASP.NET Vulnerability
Description: ASP.NET in Microsoft .NET Framework 2.0 SP1 and SP2 and 3.5 Gold and SP1, when ASP 2.0 is used in integrated mode on IIS 7.0, does not properly manage request scheduling, which allows remote attackers to cause a denial of service (daemon outage) via a series of crafted HTTP requests, aka "Remote Unauthenticated Denial of Service in ASP.NET Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2009-1536
Version: 3
Platform(s): Microsoft Windows Vista
Microsoft Windows Server 2008
Product(s): Microsoft .NET Framework
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6716
 
Oval ID: oval:org.mitre.oval:def:6716
Title: ATL COM Initialization Vulnerability
Description: The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold and SP1, and Visual C++ 2005 SP1 and 2008 Gold and SP1; and Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2; does not properly restrict use of OleLoadFromStream in instantiating objects from data streams, which allows remote attackers to execute arbitrary code via a crafted HTML document with an ATL (1) component or (2) control, related to ATL headers and bypassing security policies, aka "ATL COM Initialization Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2009-2493
Version: 34
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Product(s): Microsoft Outlook 2002
Microsoft Outlook 2003
Microsoft Outlook 2007
Microsoft Visio Viewer 2002
Microsoft Office Visio Viewer 2003
Microsoft Office Visio Viewer 2007
Microsoft Internet Explorer
Microsoft Visual Studio .NET 2003
Microsoft Visual Studio 2005
Microsoft Visual Studio 2008
Microsoft Visual C++ 2005 Redistributable Package
Microsoft Visual C++ 2008 Redistributable Package
Microsoft Outlook Express
Windows Media Player
Windows ATL Component
DHTML Editing Component ActiveX Control
HtmlInput Object ActiveX Control
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6621
 
Oval ID: oval:org.mitre.oval:def:6621
Title: ATL COM Initialization Vulnerability (CVE-2009-2493)
Description: The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold and SP1, and Visual C++ 2005 SP1 and 2008 Gold and SP1; and Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2; does not properly restrict use of OleLoadFromStream in instantiating objects from data streams, which allows remote attackers to execute arbitrary code via a crafted HTML document with an ATL (1) component or (2) control, related to ATL headers and bypassing security policies, aka "ATL COM Initialization Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2009-2493
Version: 1
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Product(s): Microsoft Internet Explorer
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6473
 
Oval ID: oval:org.mitre.oval:def:6473
Title: ATL COM Initialization Vulnerability
Description: The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold and SP1, and Visual C++ 2005 SP1 and 2008 Gold and SP1; and Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2; does not properly restrict use of OleLoadFromStream in instantiating objects from data streams, which allows remote attackers to execute arbitrary code via a crafted HTML document with an ATL (1) component or (2) control, related to ATL headers and bypassing security policies, aka "ATL COM Initialization Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2009-2493
Version: 2
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Product(s): Microsoft Outlook 2002
Microsoft Outlook 2003
Microsoft Outlook 2007
Microsoft Visio Viewer 2002
Microsoft Office Visio Viewer 2003
Microsoft Office Visio Viewer 2007
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6421
 
Oval ID: oval:org.mitre.oval:def:6421
Title: ATL COM Initialization Vulnerability
Description: The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold and SP1, and Visual C++ 2005 SP1 and 2008 Gold and SP1; and Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2; does not properly restrict use of OleLoadFromStream in instantiating objects from data streams, which allows remote attackers to execute arbitrary code via a crafted HTML document with an ATL (1) component or (2) control, related to ATL headers and bypassing security policies, aka "ATL COM Initialization Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2009-2493
Version: 3
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6304
 
Oval ID: oval:org.mitre.oval:def:6304
Title: ATL COM Initialization Vulnerability
Description: The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold and SP1, and Visual C++ 2005 SP1 and 2008 Gold and SP1; and Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2; does not properly restrict use of OleLoadFromStream in instantiating objects from data streams, which allows remote attackers to execute arbitrary code via a crafted HTML document with an ATL (1) component or (2) control, related to ATL headers and bypassing security policies, aka "ATL COM Initialization Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2009-2493
Version: 13
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows Server 2008
Product(s): Microsoft Visual Studio .NET 2003
Microsoft Visual Studio 2005
Microsoft Visual Studio 2008
Microsoft Visual C++ 2005 Redistributable Package
Microsoft Visual C++ 2008 Redistributable Package
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6245
 
Oval ID: oval:org.mitre.oval:def:6245
Title: ATL COM Initialization Vulnerability
Description: The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold and SP1, and Visual C++ 2005 SP1 and 2008 Gold and SP1; and Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2; does not properly restrict use of OleLoadFromStream in instantiating objects from data streams, which allows remote attackers to execute arbitrary code via a crafted HTML document with an ATL (1) component or (2) control, related to ATL headers and bypassing security policies, aka "ATL COM Initialization Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2009-2493
Version: 8
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows Server 2008
Product(s): Microsoft Outlook Express
Windows Media Player
Windows ATL Component
DHTML Editing Component ActiveX Control
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:5708
 
Oval ID: oval:org.mitre.oval:def:5708
Title: ATL Object Type Mismatch Vulnerability
Description: The Active Template Library (ATL) in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows remote attackers to execute arbitrary code via vectors related to erroneous free operations after reading a variant from a stream and deleting this variant, aka "ATL Object Type Mismatch Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2009-2494
Version: 16
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows Server 2008
Product(s): Microsoft Outlook Express
Windows Media Player
Windows ATL Component
DHTML Editing Component ActiveX Control
HtmlInput Object ActiveX Control
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:7573
 
Oval ID: oval:org.mitre.oval:def:7573
Title: ATL Null String Vulnerability
Description: The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold and SP1, and Visual C++ 2005 SP1 and 2008 Gold and SP1 does not properly enforce string termination, which allows remote attackers to obtain sensitive information via a crafted HTML document with an ATL (1) component or (2) control that triggers a buffer over-read, related to ATL headers and buffer allocation, aka "ATL Null String Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2009-2495
Version: 21
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows Server 2008
Product(s): Microsoft Outlook 2002
Microsoft Outlook 2003
Microsoft Outlook 2007
Microsoft Visio Viewer 2002
Microsoft Office Visio Viewer 2003
Microsoft Office Visio Viewer 2007
Microsoft Visual Studio .NET 2003
Microsoft Visual Studio 2005
Microsoft Visual Studio 2008
Microsoft Visual C++ 2005 Redistributable Package
Microsoft Visual C++ 2008 Redistributable Package
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6478
 
Oval ID: oval:org.mitre.oval:def:6478
Title: ATL Null String Vulnerability
Description: The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold and SP1, and Visual C++ 2005 SP1 and 2008 Gold and SP1 does not properly enforce string termination, which allows remote attackers to obtain sensitive information via a crafted HTML document with an ATL (1) component or (2) control that triggers a buffer over-read, related to ATL headers and buffer allocation, aka "ATL Null String Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2009-2495
Version: 3
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Product(s): Microsoft Outlook 2002
Microsoft Outlook 2003
Microsoft Outlook 2007
Microsoft Visio Viewer 2002
Microsoft Office Visio Viewer 2003
Microsoft Office Visio Viewer 2007
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6305
 
Oval ID: oval:org.mitre.oval:def:6305
Title: ATL Null String Vulnerability
Description: The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold and SP1, and Visual C++ 2005 SP1 and 2008 Gold and SP1 does not properly enforce string termination, which allows remote attackers to obtain sensitive information via a crafted HTML document with an ATL (1) component or (2) control that triggers a buffer over-read, related to ATL headers and buffer allocation, aka "ATL Null String Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2009-2495
Version: 15
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows Server 2008
Product(s): Microsoft Visual Studio .NET 2003
Microsoft Visual Studio 2005
Microsoft Visual Studio 2008
Microsoft Visual C++ 2005 Redistributable Package
Microsoft Visual C++ 2008 Redistributable Package
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application3
Application4
Application1
Os1
Os3
Os3
Os3
Os6
Os6
Os4

SAINT Exploits

DescriptionLink
Microsoft DirectShow Video Streaming ActiveX IMPEG2TuneRequest OverflowMore info here
Visual Studio Active Template Library uninitialized objectMore info here
Visual Studio Active Template Library object type mismatch vulnerabilityMore info here

OpenVAS Exploits

DateDescription
2010-12-13Name : Microsoft Windows ASP.NET Denial of Service Vulnerability(970957)
File : nvt/gb_ms09-036.nasl
2010-03-16Name : FreeBSD Ports: openoffice.org
File : nvt/freebsd_openoffice.org.nasl
2009-12-04Name : MS Internet Explorer 'Style' Object Remote Code Execution Vulnerability
File : nvt/gb_ms_ie_style_object_remote_code_exec_vuln.nasl
2009-11-11Name : SLES11: Security update for IBM Java 1.6.0
File : nvt/sles11_java-1_6_0-ibm1.nasl
2009-10-14Name : Microsoft Windows ATL COM Initialization Code Execution Vulnerability (973525)
File : nvt/secpod_ms09-055.nasl
2009-10-14Name : MS ATL ActiveX Controls for MS Office Could Allow Remote Code Execution (973965)
File : nvt/secpod_ms09-060.nasl
2009-08-14Name : Vulnerabilities in Microsoft ATL Could Allow Remote Code Execution (973908)
File : nvt/secpod_ms09-037.nasl
2009-08-03Name : Microsoft Visual Studio ATL Remote Code Execution Vulnerability (969706)
File : nvt/secpod_ms09-035.nasl
2009-07-09Name : Microsoft Video ActiveX Control 'msvidctl.dll' BOF Vulnerability
File : nvt/gb_ms_video_actvx_bof_vuln_jul09.nasl

Open Source Vulnerability Database (OSVDB)

idDescription
56910Microsoft Visual Studio Active Template Library (ATL) Header Mismatch Remote ...
56905Microsoft .NET Framework Request Scheduling Crafted HTTP Request Remote DoS
56699Microsoft Visual Studio Active Template Library (ATL) String Manipulation Arb...
56698Microsoft Visual Studio Active Template Library (ATL) Data Stream Object Inst...
56696Microsoft Visual Studio Active Template Library (ATL) Headers VariantClear Co...
56272Microsoft Video ActiveX (msvidctl.dll) Unspecified Remote Arbitrary Code Exec...
55651Microsoft DirectShow Video Streaming ActiveX (msvidctl.dll) IMPEG2TuneRequest...

Information Assurance Vulnerability Management (IAVM)

DateDescription
2009-10-15IAVM : 2009-A-0097 - Multiple Vulnerabilities in Microsoft Active Template Library
Severity : Category II - VMSKEY : V0021756
2009-08-13IAVM : 2009-B-0036 - Microsoft ASP.NET Denial of Service Vulnerability
Severity : Category I - VMSKEY : V0019878
2009-08-13IAVM : 2009-A-0067 - Multiple Vulnerabilities in Microsoft Active Template Library
Severity : Category II - VMSKEY : V0019882
2009-07-30IAVM : 2009-B-0033 - Multiple Vulnerabilities in Visual Studio Active Template Library
Severity : Category II - VMSKEY : V0019798

Snort® IPS/IDS

DateDescription
2014-01-10Microsoft Windows Media Player DirectShow MPEG-2 memory corruption attempt
RuleID : 20744 - Revision : 6 - Type : OS-WINDOWS
2014-01-10Microsoft DirectShow 3 ActiveX exploit via JavaScript
RuleID : 16602 - Revision : 9 - Type : BROWSER-PLUGINS
2014-01-10Microsoft Excel Add-in for SQL Analysis Services 4 ActiveX clsid unicode access
RuleID : 16166 - Revision : 6 - Type : WEB-ACTIVEX
2014-01-10Microsoft Office Excel Add-in for SQL Analysis Services 4 ActiveX clsid access
RuleID : 16165 - Revision : 12 - Type : BROWSER-PLUGINS
2014-01-10Microsoft Excel Add-in for SQL Analysis Services 3 ActiveX clsid unicode access
RuleID : 16164 - Revision : 6 - Type : WEB-ACTIVEX
2014-01-10Microsoft Office Excel Add-in for SQL Analysis Services 3 ActiveX clsid access
RuleID : 16163 - Revision : 12 - Type : BROWSER-PLUGINS
2014-01-10Microsoft Excel Add-in for SQL Analysis Services 2 ActiveX clsid unicode access
RuleID : 16162 - Revision : 6 - Type : WEB-ACTIVEX
2014-01-10Microsoft Office Excel Add-in for SQL Analysis Services 2 ActiveX clsid access
RuleID : 16161 - Revision : 12 - Type : BROWSER-PLUGINS
2014-01-10Microsoft Excel Add-in for SQL Analysis Services 1 ActiveX clsid unicode access
RuleID : 16160 - Revision : 6 - Type : WEB-ACTIVEX
2014-01-10Microsoft Office Excel Add-in for SQL Analysis Services 1 ActiveX clsid access
RuleID : 16159 - Revision : 12 - Type : BROWSER-PLUGINS
2014-01-10Microsoft Video 6 ActiveX function call unicode access
RuleID : 15905 - Revision : 6 - Type : WEB-ACTIVEX
2014-01-10Microsoft Video 6 ActiveX function call access
RuleID : 15904 - Revision : 6 - Type : WEB-ACTIVEX
2014-01-10Microsoft ASP.NET bad request denial of service attempt
RuleID : 15851 - Revision : 7 - Type : SERVER-IIS
2014-01-10Microsoft DirectShow ActiveX exploit via JavaScript - unicode encoding
RuleID : 15679 - Revision : 11 - Type : BROWSER-PLUGINS
2014-01-10Microsoft DirectShow ActiveX exploit via JavaScript
RuleID : 15678 - Revision : 9 - Type : BROWSER-PLUGINS
2014-01-10Microsoft Video 9 ActiveX clsid unicode access
RuleID : 15677 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10Microsoft Video 9 ActiveX clsid access
RuleID : 15676 - Revision : 12 - Type : BROWSER-PLUGINS
2014-01-10Microsoft Video 8 ActiveX clsid unicode access
RuleID : 15675 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10Microsoft Video 8 ActiveX clsid access
RuleID : 15674 - Revision : 12 - Type : BROWSER-PLUGINS
2014-01-10Microsoft Video 7 ActiveX clsid unicode access
RuleID : 15673 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10Microsoft Video 7 ActiveX clsid access
RuleID : 15672 - Revision : 11 - Type : BROWSER-PLUGINS
2014-01-10Microsoft Video 6 ActiveX function call
RuleID : 15671 - Revision : 14 - Type : BROWSER-PLUGINS
2014-01-10Microsoft Video 6 ActiveX clsid access
RuleID : 15670 - Revision : 14 - Type : BROWSER-PLUGINS
2014-01-10Microsoft Video 5 ActiveX clsid unicode access
RuleID : 15669 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10Microsoft Video 5 ActiveX clsid access
RuleID : 15668 - Revision : 12 - Type : BROWSER-PLUGINS
2014-01-10Microsoft Video 45 ActiveX clsid unicode access
RuleID : 15667 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10Microsoft Video 45 ActiveX clsid access
RuleID : 15666 - Revision : 12 - Type : BROWSER-PLUGINS
2014-01-10Microsoft Video 44 ActiveX clsid unicode access
RuleID : 15665 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10Microsoft Video 44 ActiveX clsid access
RuleID : 15664 - Revision : 12 - Type : BROWSER-PLUGINS
2014-01-10Microsoft Video 43 ActiveX clsid unicode access
RuleID : 15663 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10Microsoft Video 43 ActiveX clsid access
RuleID : 15662 - Revision : 12 - Type : BROWSER-PLUGINS
2014-01-10Microsoft Video 42 ActiveX clsid unicode access
RuleID : 15661 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10Microsoft Video 42 ActiveX clsid access
RuleID : 15660 - Revision : 12 - Type : BROWSER-PLUGINS
2014-01-10Microsoft Video 41 ActiveX clsid unicode access
RuleID : 15659 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10Microsoft Video 41 ActiveX clsid access
RuleID : 15658 - Revision : 12 - Type : BROWSER-PLUGINS
2014-01-10Microsoft Video 40 ActiveX clsid unicode access
RuleID : 15657 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10Microsoft Video 40 ActiveX clsid access
RuleID : 15656 - Revision : 12 - Type : BROWSER-PLUGINS
2014-01-10Microsoft Video 4 ActiveX clsid unicode access
RuleID : 15655 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10Microsoft Video 4 ActiveX clsid access
RuleID : 15654 - Revision : 12 - Type : BROWSER-PLUGINS
2014-01-10Microsoft Video 39 ActiveX clsid unicode access
RuleID : 15653 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10Microsoft Video 39 ActiveX clsid access
RuleID : 15652 - Revision : 12 - Type : BROWSER-PLUGINS
2014-01-10Microsoft Video 38 ActiveX clsid unicode access
RuleID : 15651 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10Microsoft Video 38 ActiveX clsid access
RuleID : 15650 - Revision : 12 - Type : BROWSER-PLUGINS
2014-01-10Microsoft Video 37 ActiveX clsid unicode access
RuleID : 15649 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10Microsoft Video 37 ActiveX clsid access
RuleID : 15648 - Revision : 12 - Type : BROWSER-PLUGINS
2014-01-10Microsoft Video 36 ActiveX clsid unicode access
RuleID : 15647 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10Microsoft Video 36 ActiveX clsid access
RuleID : 15646 - Revision : 12 - Type : BROWSER-PLUGINS
2014-01-10Microsoft Video 35 ActiveX clsid unicode access
RuleID : 15645 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10Microsoft Video 35 ActiveX clsid access
RuleID : 15644 - Revision : 12 - Type : BROWSER-PLUGINS
2014-01-10Microsoft Video 34 ActiveX clsid unicode access
RuleID : 15643 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10Microsoft Video 34 ActiveX clsid access
RuleID : 15642 - Revision : 12 - Type : BROWSER-PLUGINS
2014-01-10Microsoft Video 33 ActiveX clsid unicode access
RuleID : 15641 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10Microsoft Video 33 ActiveX clsid access
RuleID : 15640 - Revision : 12 - Type : BROWSER-PLUGINS
2014-01-10Microsoft Video 32 ActiveX clsid unicode access
RuleID : 15639 - Revision : 10 - Type : WEB-ACTIVEX
2014-01-10Microsoft Video 32 ActiveX clsid access
RuleID : 15638 - Revision : 14 - Type : BROWSER-PLUGINS
2014-01-10Microsoft Video 31 ActiveX clsid unicode access
RuleID : 15637 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10Microsoft Video 31 ActiveX clsid access
RuleID : 15636 - Revision : 12 - Type : BROWSER-PLUGINS
2014-01-10Microsoft Video 30 ActiveX clsid unicode access
RuleID : 15635 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10Microsoft Video 30 ActiveX clsid access
RuleID : 15634 - Revision : 12 - Type : BROWSER-PLUGINS
2014-01-10Microsoft Video 3 ActiveX clsid unicode access
RuleID : 15633 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10Microsoft Video 3 ActiveX clsid access
RuleID : 15632 - Revision : 12 - Type : BROWSER-PLUGINS
2014-01-10Microsoft Video 29 ActiveX clsid unicode access
RuleID : 15631 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10Microsoft Video 29 ActiveX clsid access
RuleID : 15630 - Revision : 12 - Type : BROWSER-PLUGINS
2014-01-10Microsoft Video 28 ActiveX clsid unicode access
RuleID : 15629 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10Microsoft Video 28 ActiveX clsid access
RuleID : 15628 - Revision : 12 - Type : BROWSER-PLUGINS
2014-01-10Microsoft Video 27 ActiveX clsid unicode access
RuleID : 15627 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10Microsoft Video 27 ActiveX clsid access
RuleID : 15626 - Revision : 12 - Type : BROWSER-PLUGINS
2014-01-10Microsoft Video 26 ActiveX clsid unicode access
RuleID : 15625 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10Microsoft Video 26 ActiveX clsid access
RuleID : 15624 - Revision : 12 - Type : BROWSER-PLUGINS
2014-01-10Microsoft Video 25 ActiveX clsid unicode access
RuleID : 15623 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10Microsoft Video 25 ActiveX clsid access
RuleID : 15622 - Revision : 12 - Type : BROWSER-PLUGINS
2014-01-10Microsoft Video 24 ActiveX clsid unicode access
RuleID : 15621 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10Microsoft Video 24 ActiveX clsid access
RuleID : 15620 - Revision : 12 - Type : BROWSER-PLUGINS
2014-01-10Microsoft Video 23 ActiveX clsid unicode access
RuleID : 15619 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10Microsoft Video 23 ActiveX clsid access
RuleID : 15618 - Revision : 12 - Type : BROWSER-PLUGINS
2014-01-10Microsoft Video 22 ActiveX clsid unicode access
RuleID : 15617 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10Microsoft Video 22 ActiveX clsid access
RuleID : 15616 - Revision : 12 - Type : BROWSER-PLUGINS
2014-01-10Microsoft Video 21 ActiveX clsid unicode access
RuleID : 15615 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10Microsoft Video 21 ActiveX clsid access
RuleID : 15614 - Revision : 12 - Type : BROWSER-PLUGINS
2014-01-10Microsoft Video 20 ActiveX clsid unicode access
RuleID : 15613 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10Microsoft Video 20 ActiveX clsid access
RuleID : 15612 - Revision : 12 - Type : BROWSER-PLUGINS
2014-01-10Microsoft Video 2 ActiveX clsid unicode access
RuleID : 15611 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10Microsoft Video 2 ActiveX clsid access
RuleID : 15610 - Revision : 12 - Type : BROWSER-PLUGINS
2014-01-10Microsoft Video 19 ActiveX clsid unicode access
RuleID : 15609 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10Microsoft Video 19 ActiveX clsid access
RuleID : 15608 - Revision : 12 - Type : BROWSER-PLUGINS
2014-01-10Microsoft Video 18 ActiveX clsid unicode access
RuleID : 15607 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10Microsoft Video 18 ActiveX clsid access
RuleID : 15606 - Revision : 12 - Type : BROWSER-PLUGINS
2014-01-10Microsoft Video 17 ActiveX clsid unicode access
RuleID : 15605 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10Microsoft Video 17 ActiveX clsid access
RuleID : 15604 - Revision : 12 - Type : BROWSER-PLUGINS
2014-01-10Microsoft Video 16 ActiveX clsid unicode access
RuleID : 15603 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10Microsoft Video 16 ActiveX clsid access
RuleID : 15602 - Revision : 12 - Type : BROWSER-PLUGINS
2014-01-10Microsoft Video 15 ActiveX clsid unicode access
RuleID : 15601 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10Microsoft Video 15 ActiveX clsid access
RuleID : 15600 - Revision : 12 - Type : BROWSER-PLUGINS
2014-01-10Microsoft Video 14 ActiveX clsid unicode access
RuleID : 15599 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10Microsoft Video 14 ActiveX clsid access
RuleID : 15598 - Revision : 12 - Type : BROWSER-PLUGINS
2014-01-10Microsoft Video 13 ActiveX clsid unicode access
RuleID : 15597 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10Microsoft Video 13 ActiveX clsid access
RuleID : 15596 - Revision : 12 - Type : BROWSER-PLUGINS
2014-01-10Microsoft Video 12 ActiveX clsid unicode access
RuleID : 15595 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10Microsoft Video 12 ActiveX clsid access
RuleID : 15594 - Revision : 12 - Type : BROWSER-PLUGINS
2014-01-10Microsoft Video 11 ActiveX clsid unicode access
RuleID : 15593 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10Microsoft Video 11 ActiveX clsid access
RuleID : 15592 - Revision : 12 - Type : BROWSER-PLUGINS
2014-01-10Microsoft Video 10 ActiveX clsid unicode access
RuleID : 15591 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10Microsoft Video 10 ActiveX clsid access
RuleID : 15590 - Revision : 12 - Type : BROWSER-PLUGINS
2014-01-10Microsoft Video 1 ActiveX clsid unicode access
RuleID : 15589 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10Microsoft Video 1 ActiveX clsid access
RuleID : 15588 - Revision : 12 - Type : BROWSER-PLUGINS

Metasploit Database

idDescription
2009-07-05 Microsoft DirectShow (msvidctl.dll) MPEG-2 Memory Corruption

Nessus® Vulnerability Scanner

DateDescription
2011-01-27Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_flash-player-6386.nasl - Type : ACT_GATHER_INFO
2010-10-11Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_java-1_5_0-ibm-6741.nasl - Type : ACT_GATHER_INFO
2010-03-01Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_c97d7a37223311df96dd001b2134ef46.nasl - Type : ACT_GATHER_INFO
2010-02-12Name : The remote Windows host has a program affected by multiple buffer overflows.
File : openoffice_32.nasl - Type : ACT_GATHER_INFO
2010-01-08Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_java-1_5_0-ibm-6740.nasl - Type : ACT_GATHER_INFO
2009-12-27Name : The remote SuSE 9 host is missing a security-related patch.
File : suse9_12564.nasl - Type : ACT_GATHER_INFO
2009-12-08Name : Arbitrary code can be executed on the remote host through a web browser.
File : smb_nt_ms09-072.nasl - Type : ACT_GATHER_INFO
2009-11-05Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_java-1_6_0-ibm-091102.nasl - Type : ACT_GATHER_INFO
2009-10-14Name : Arbitrary code can be executed on the remote host through Microsoft Office Ac...
File : smb_nt_ms09-060.nasl - Type : ACT_GATHER_INFO
2009-10-13Name : The remote Windows host has multiple ActiveX controls that are affected by mu...
File : smb_nt_ms09-055.nasl - Type : ACT_GATHER_INFO
2009-10-06Name : The remote openSUSE host is missing a security update.
File : suse_flash-player-6387.nasl - Type : ACT_GATHER_INFO
2009-09-24Name : The remote SuSE 11 host is missing a security update.
File : suse_11_flash-player-090731.nasl - Type : ACT_GATHER_INFO
2009-08-11Name : The remote .Net Framework is susceptible to a denial of service attack.
File : smb_nt_ms09-036.nasl - Type : ACT_GATHER_INFO
2009-08-11Name : Arbitrary code can be executed on the remote host through Microsoft Active Te...
File : smb_nt_ms09-037.nasl - Type : ACT_GATHER_INFO
2009-08-05Name : The remote openSUSE host is missing a security update.
File : suse_11_1_flash-player-090731.nasl - Type : ACT_GATHER_INFO
2009-08-05Name : The remote openSUSE host is missing a security update.
File : suse_11_0_flash-player-090731.nasl - Type : ACT_GATHER_INFO
2009-07-30Name : Arbitrary code can be executed on the remote host through Microsoft Active Te...
File : smb_nt_ms09-035.nasl - Type : ACT_GATHER_INFO
2009-07-30Name : The remote Windows host contains a browser plugin that is affected by multipl...
File : flash_player_apsb09_10.nasl - Type : ACT_GATHER_INFO
2009-07-29Name : The remote Windows host contains an Internet Explorer plugin which uses a vul...
File : shockwave_player_apsb09_11.nasl - Type : ACT_GATHER_INFO
2009-07-07Name : The remote Windows host is missing a security update containing ActiveX kill ...
File : smb_kb_972890.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
1
2
DateInformations
2014-02-17 11:46:17
  • Multiple Updates
2013-11-11 12:41:12
  • Multiple Updates
2013-05-11 00:49:30
  • Multiple Updates