Executive Summary

Summary
Title Vulnerabilities in Microsoft Active Template Library (ATL) Could Allow Remote Code Execution (973908)
Informations
Name MS09-037 First vendor Publication 2009-08-11
Vendor Microsoft Last vendor Modification 2009-12-16
Severity (Vendor) Critical Revision 2.1

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Cvss Base Score 10 Attack Range Network
Cvss Impact Score 10 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Revision Note: V2.1 (December 16, 2009): Added a link to Microsoft Knowledge Base Article 973908 under Known Issues in the Executive Summary.Summary: This security update resolves several privately reported vulnerabilities in Microsoft Active Template Library (ATL). The vulnerabilities could allow remote code execution if a user loaded a specially crafted component or control hosted on a malicious website. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

Original Source

Url : http://www.microsoft.com/technet/security/bulletin/MS09-037.mspx

CWE : Common Weakness Enumeration

% Id Name
60 % CWE-94 Failure to Control Generation of Code ('Code Injection')
20 % CWE-264 Permissions, Privileges, and Access Controls
20 % CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:5708
 
Oval ID: oval:org.mitre.oval:def:5708
Title: ATL Object Type Mismatch Vulnerability
Description: The Active Template Library (ATL) in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows remote attackers to execute arbitrary code via vectors related to erroneous free operations after reading a variant from a stream and deleting this variant, aka "ATL Object Type Mismatch Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2009-2494
Version: 16
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows Server 2008
Product(s): Microsoft Outlook Express
Windows Media Player
Windows ATL Component
DHTML Editing Component ActiveX Control
HtmlInput Object ActiveX Control
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:5850
 
Oval ID: oval:org.mitre.oval:def:5850
Title: ATL Header Memcopy Vulnerability
Description: Unspecified vulnerability in the Load method in the IPersistStreamInit interface in the Active Template Library (ATL), as used in the Microsoft Video ActiveX control in msvidctl.dll in DirectShow, in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows remote attackers to execute arbitrary code via unknown vectors that trigger memory corruption, aka "ATL Header Memcopy Vulnerability," a different vulnerability than CVE-2008-0015.
Family: windows Class: vulnerability
Reference(s): CVE-2008-0020
Version: 16
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows Server 2008
Product(s): Microsoft Outlook Express
Windows Media Player
Windows ATL Component
DHTML Editing Component ActiveX Control
HtmlInput Object ActiveX Control
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6245
 
Oval ID: oval:org.mitre.oval:def:6245
Title: ATL COM Initialization Vulnerability
Description: The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold and SP1, and Visual C++ 2005 SP1 and 2008 Gold and SP1; and Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2; does not properly restrict use of OleLoadFromStream in instantiating objects from data streams, which allows remote attackers to execute arbitrary code via a crafted HTML document with an ATL (1) component or (2) control, related to ATL headers and bypassing security policies, aka "ATL COM Initialization Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2009-2493
Version: 8
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows Server 2008
Product(s): Microsoft Outlook Express
Windows Media Player
Windows ATL Component
DHTML Editing Component ActiveX Control
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6289
 
Oval ID: oval:org.mitre.oval:def:6289
Title: ATL Uninitialized Object Vulnerability
Description: The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold, and Visual C++ 2005 SP1 and 2008 Gold and SP1; and Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2; does not prevent VariantClear calls on an uninitialized VARIANT, which allows remote attackers to execute arbitrary code via a malformed stream to an ATL (1) component or (2) control, related to ATL headers and error handling, aka "ATL Uninitialized Object Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2009-0901
Version: 8
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows Server 2008
Product(s): Microsoft Outlook Express
Windows Media Player
Windows ATL Component
DHTML Editing Component ActiveX Control
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6304
 
Oval ID: oval:org.mitre.oval:def:6304
Title: ATL COM Initialization Vulnerability
Description: The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold and SP1, and Visual C++ 2005 SP1 and 2008 Gold and SP1; and Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2; does not properly restrict use of OleLoadFromStream in instantiating objects from data streams, which allows remote attackers to execute arbitrary code via a crafted HTML document with an ATL (1) component or (2) control, related to ATL headers and bypassing security policies, aka "ATL COM Initialization Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2009-2493
Version: 13
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows Server 2008
Product(s): Microsoft Visual Studio .NET 2003
Microsoft Visual Studio 2005
Microsoft Visual Studio 2008
Microsoft Visual C++ 2005 Redistributable Package
Microsoft Visual C++ 2008 Redistributable Package
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6311
 
Oval ID: oval:org.mitre.oval:def:6311
Title: ATL Uninitialized Object Vulnerability
Description: The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold, and Visual C++ 2005 SP1 and 2008 Gold and SP1; and Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2; does not prevent VariantClear calls on an uninitialized VARIANT, which allows remote attackers to execute arbitrary code via a malformed stream to an ATL (1) component or (2) control, related to ATL headers and error handling, aka "ATL Uninitialized Object Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2009-0901
Version: 13
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows Server 2008
Product(s): Microsoft Visual Studio .NET 2003
Microsoft Visual Studio 2005
Microsoft Visual Studio 2008
Microsoft Visual C++ 2005 Redistributable Package
Microsoft Visual C++ 2008 Redistributable Package
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6333
 
Oval ID: oval:org.mitre.oval:def:6333
Title: Microsoft Video ActiveX Control Vulnerability
Description: Stack-based buffer overflow in the CComVariant::ReadFromStream function in the Active Template Library (ATL), as used in the MPEG2TuneRequest ActiveX control in msvidctl.dll in DirectShow, in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows remote attackers to execute arbitrary code via a crafted web page, as exploited in the wild in July 2009, aka "Microsoft Video ActiveX Control Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2008-0015
Version: 3
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows Server 2008
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6363
 
Oval ID: oval:org.mitre.oval:def:6363
Title: Microsoft Video ActiveX Control Vulnerability
Description: Stack-based buffer overflow in the CComVariant::ReadFromStream function in the Active Template Library (ATL), as used in the MPEG2TuneRequest ActiveX control in msvidctl.dll in DirectShow, in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows remote attackers to execute arbitrary code via a crafted web page, as exploited in the wild in July 2009, aka "Microsoft Video ActiveX Control Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2008-0015
Version: 8
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows Server 2008
Product(s): Microsoft Outlook Express
Windows Media Player
Windows ATL Component
DHTML Editing Component ActiveX Control
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6373
 
Oval ID: oval:org.mitre.oval:def:6373
Title: ATL Uninitialized Object Vulnerability
Description: The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold, and Visual C++ 2005 SP1 and 2008 Gold and SP1; and Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2; does not prevent VariantClear calls on an uninitialized VARIANT, which allows remote attackers to execute arbitrary code via a malformed stream to an ATL (1) component or (2) control, related to ATL headers and error handling, aka "ATL Uninitialized Object Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2009-0901
Version: 2
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Product(s): Microsoft Outlook 2002
Microsoft Outlook 2003
Microsoft Outlook 2007
Microsoft Visio Viewer 2002
Microsoft Office Visio Viewer 2003
Microsoft Office Visio Viewer 2007
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6421
 
Oval ID: oval:org.mitre.oval:def:6421
Title: ATL COM Initialization Vulnerability
Description: The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold and SP1, and Visual C++ 2005 SP1 and 2008 Gold and SP1; and Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2; does not properly restrict use of OleLoadFromStream in instantiating objects from data streams, which allows remote attackers to execute arbitrary code via a crafted HTML document with an ATL (1) component or (2) control, related to ATL headers and bypassing security policies, aka "ATL COM Initialization Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2009-2493
Version: 3
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6473
 
Oval ID: oval:org.mitre.oval:def:6473
Title: ATL COM Initialization Vulnerability
Description: The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold and SP1, and Visual C++ 2005 SP1 and 2008 Gold and SP1; and Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2; does not properly restrict use of OleLoadFromStream in instantiating objects from data streams, which allows remote attackers to execute arbitrary code via a crafted HTML document with an ATL (1) component or (2) control, related to ATL headers and bypassing security policies, aka "ATL COM Initialization Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2009-2493
Version: 2
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Product(s): Microsoft Outlook 2002
Microsoft Outlook 2003
Microsoft Outlook 2007
Microsoft Visio Viewer 2002
Microsoft Office Visio Viewer 2003
Microsoft Office Visio Viewer 2007
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6621
 
Oval ID: oval:org.mitre.oval:def:6621
Title: ATL COM Initialization Vulnerability (CVE-2009-2493)
Description: The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold and SP1, and Visual C++ 2005 SP1 and 2008 Gold and SP1; and Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2; does not properly restrict use of OleLoadFromStream in instantiating objects from data streams, which allows remote attackers to execute arbitrary code via a crafted HTML document with an ATL (1) component or (2) control, related to ATL headers and bypassing security policies, aka "ATL COM Initialization Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2009-2493
Version: 1
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Product(s): Microsoft Internet Explorer
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6716
 
Oval ID: oval:org.mitre.oval:def:6716
Title: ATL COM Initialization Vulnerability
Description: The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold and SP1, and Visual C++ 2005 SP1 and 2008 Gold and SP1; and Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2; does not properly restrict use of OleLoadFromStream in instantiating objects from data streams, which allows remote attackers to execute arbitrary code via a crafted HTML document with an ATL (1) component or (2) control, related to ATL headers and bypassing security policies, aka "ATL COM Initialization Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2009-2493
Version: 37
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Product(s): Microsoft Outlook 2002
Microsoft Outlook 2003
Microsoft Outlook 2007
Microsoft Visio Viewer 2002
Microsoft Office Visio Viewer 2003
Microsoft Office Visio Viewer 2007
Microsoft Internet Explorer 5
Microsoft Internet Explorer 6
Microsoft Visual Studio .NET 2003
Microsoft Visual Studio 2005
Microsoft Visual Studio 2008
Microsoft Visual C++ 2005 Redistributable Package
Microsoft Visual C++ 2008 Redistributable Package
Microsoft Outlook Express 5.5
Microsoft Outlook Express 6.0
Windows Media Player 9
Windows Media Player 10
Windows Media Player 11
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:7436
 
Oval ID: oval:org.mitre.oval:def:7436
Title: Microsoft Video ActiveX Control Vulnerability
Description: Stack-based buffer overflow in the CComVariant::ReadFromStream function in the Active Template Library (ATL), as used in the MPEG2TuneRequest ActiveX control in msvidctl.dll in DirectShow, in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows remote attackers to execute arbitrary code via a crafted web page, as exploited in the wild in July 2009, aka "Microsoft Video ActiveX Control Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2008-0015
Version: 16
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows Server 2008
Product(s): Microsoft Outlook Express
Windows Media Player
Windows ATL Component
DHTML Editing Component ActiveX Control
HtmlInput Object ActiveX Control
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:7581
 
Oval ID: oval:org.mitre.oval:def:7581
Title: ATL Uninitialized Object Vulnerability
Description: The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold, and Visual C++ 2005 SP1 and 2008 Gold and SP1; and Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2; does not prevent VariantClear calls on an uninitialized VARIANT, which allows remote attackers to execute arbitrary code via a malformed stream to an ATL (1) component or (2) control, related to ATL headers and error handling, aka "ATL Uninitialized Object Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2009-0901
Version: 35
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows Server 2008
Product(s): Microsoft Outlook 2002
Microsoft Outlook 2003
Microsoft Outlook 2007
Microsoft Visio Viewer 2002
Microsoft Office Visio Viewer 2003
Microsoft Office Visio Viewer 2007
Microsoft Visual Studio .NET 2003
Microsoft Visual Studio 2005
Microsoft Visual Studio 2008
Microsoft Visual C++ 2005 Redistributable Package
Microsoft Visual C++ 2008 Redistributable Package
Microsoft Outlook Express 5.5
Microsoft Outlook Express 6.0
Windows Media Player 9
Windows Media Player 10
Windows Media Player 11
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 6
Application 5
Application 1
Os 2
Os 4
Os 1
Os 8
Os 6
Os 6

SAINT Exploits

Description Link
Visual Studio Active Template Library object type mismatch vulnerability More info here
Microsoft DirectShow Video Streaming ActiveX IMPEG2TuneRequest Overflow More info here
Visual Studio Active Template Library uninitialized object More info here

ExploitDB Exploits

id Description
2010-04-30 Microsoft DirectShow (msvidctl.dll) MPEG-2 Memory Corruption

OpenVAS Exploits

Date Description
2010-03-16 Name : FreeBSD Ports: openoffice.org
File : nvt/freebsd_openoffice.org.nasl
2009-12-04 Name : MS Internet Explorer 'Style' Object Remote Code Execution Vulnerability
File : nvt/gb_ms_ie_style_object_remote_code_exec_vuln.nasl
2009-11-11 Name : SLES11: Security update for IBM Java 1.6.0
File : nvt/sles11_java-1_6_0-ibm1.nasl
2009-10-14 Name : Microsoft Windows ATL COM Initialization Code Execution Vulnerability (973525)
File : nvt/secpod_ms09-055.nasl
2009-10-14 Name : MS ATL ActiveX Controls for MS Office Could Allow Remote Code Execution (973965)
File : nvt/secpod_ms09-060.nasl
2009-08-14 Name : Vulnerabilities in Microsoft ATL Could Allow Remote Code Execution (973908)
File : nvt/secpod_ms09-037.nasl
2009-08-03 Name : Microsoft Visual Studio ATL Remote Code Execution Vulnerability (969706)
File : nvt/secpod_ms09-035.nasl
2009-07-09 Name : Microsoft Video ActiveX Control 'msvidctl.dll' BOF Vulnerability
File : nvt/gb_ms_video_actvx_bof_vuln_jul09.nasl

Open Source Vulnerability Database (OSVDB)

Id Description
56910 Microsoft Visual Studio Active Template Library (ATL) Header Mismatch Remote ...

56698 Microsoft Visual Studio Active Template Library (ATL) Data Stream Object Inst...

56696 Microsoft Visual Studio Active Template Library (ATL) Headers VariantClear Co...

56272 Microsoft Video ActiveX (msvidctl.dll) Unspecified Remote Arbitrary Code Exec...

55651 Microsoft DirectShow Video Streaming ActiveX (msvidctl.dll) IMPEG2TuneRequest...

A buffer overflow exists in Windows. The DirectShow ActiveX control fails to validate data passed to the IMPEG2TuneRequest interface resulting in a stack overflow. With a specially crafted website, a context-dependent attacker can cause arbitrary code execution resulting in a loss of integrity.

Information Assurance Vulnerability Management (IAVM)

Date Description
2009-10-15 IAVM : 2009-A-0097 - Multiple Vulnerabilities in Microsoft Active Template Library
Severity : Category II - VMSKEY : V0021756
2009-08-13 IAVM : 2009-A-0067 - Multiple Vulnerabilities in Microsoft Active Template Library
Severity : Category II - VMSKEY : V0019882
2009-07-30 IAVM : 2009-B-0033 - Multiple Vulnerabilities in Visual Studio Active Template Library
Severity : Category II - VMSKEY : V0019798

Snort® IPS/IDS

Date Description
2014-01-10 Microsoft Windows Media Player DirectShow MPEG-2 memory corruption attempt
RuleID : 20744 - Revision : 7 - Type : OS-WINDOWS
2014-01-10 Microsoft DirectShow 3 ActiveX exploit via JavaScript
RuleID : 16602 - Revision : 10 - Type : BROWSER-PLUGINS
2014-01-10 Microsoft Excel Add-in for SQL Analysis Services 4 ActiveX clsid unicode access
RuleID : 16166 - Revision : 6 - Type : WEB-ACTIVEX
2014-01-10 Microsoft Office Excel Add-in for SQL Analysis Services 4 ActiveX clsid access
RuleID : 16165 - Revision : 13 - Type : BROWSER-PLUGINS
2014-01-10 Microsoft Excel Add-in for SQL Analysis Services 3 ActiveX clsid unicode access
RuleID : 16164 - Revision : 6 - Type : WEB-ACTIVEX
2014-01-10 Microsoft Office Excel Add-in for SQL Analysis Services 3 ActiveX clsid access
RuleID : 16163 - Revision : 13 - Type : BROWSER-PLUGINS
2014-01-10 Microsoft Excel Add-in for SQL Analysis Services 2 ActiveX clsid unicode access
RuleID : 16162 - Revision : 6 - Type : WEB-ACTIVEX
2014-01-10 Microsoft Office Excel Add-in for SQL Analysis Services 2 ActiveX clsid access
RuleID : 16161 - Revision : 13 - Type : BROWSER-PLUGINS
2014-01-10 Microsoft Excel Add-in for SQL Analysis Services 1 ActiveX clsid unicode access
RuleID : 16160 - Revision : 6 - Type : WEB-ACTIVEX
2014-01-10 Microsoft Office Excel Add-in for SQL Analysis Services 1 ActiveX clsid access
RuleID : 16159 - Revision : 13 - Type : BROWSER-PLUGINS
2014-01-10 Microsoft Video 6 ActiveX function call unicode access
RuleID : 15905 - Revision : 6 - Type : WEB-ACTIVEX
2014-01-10 Microsoft Video 6 ActiveX function call access
RuleID : 15904 - Revision : 6 - Type : WEB-ACTIVEX
2014-01-10 Microsoft DirectShow ActiveX exploit via JavaScript - unicode encoding
RuleID : 15679 - Revision : 12 - Type : BROWSER-PLUGINS
2014-01-10 Microsoft DirectShow ActiveX exploit via JavaScript
RuleID : 15678 - Revision : 10 - Type : BROWSER-PLUGINS
2014-01-10 Microsoft Video 9 ActiveX clsid unicode access
RuleID : 15677 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10 Microsoft Video 9 ActiveX clsid access
RuleID : 15676 - Revision : 13 - Type : BROWSER-PLUGINS
2014-01-10 Microsoft Video 8 ActiveX clsid unicode access
RuleID : 15675 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10 Microsoft Video 8 ActiveX clsid access
RuleID : 15674 - Revision : 13 - Type : BROWSER-PLUGINS
2014-01-10 Microsoft Video 7 ActiveX clsid unicode access
RuleID : 15673 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10 Microsoft Video 7 ActiveX clsid access
RuleID : 15672 - Revision : 15 - Type : BROWSER-PLUGINS
2014-01-10 Microsoft Video 6 ActiveX function call
RuleID : 15671 - Revision : 15 - Type : BROWSER-PLUGINS
2014-01-10 Microsoft Video 6 ActiveX clsid access
RuleID : 15670 - Revision : 18 - Type : BROWSER-PLUGINS
2014-01-10 Microsoft Video 5 ActiveX clsid unicode access
RuleID : 15669 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10 Microsoft Video 5 ActiveX clsid access
RuleID : 15668 - Revision : 13 - Type : BROWSER-PLUGINS
2014-01-10 Microsoft Video 45 ActiveX clsid unicode access
RuleID : 15667 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10 Microsoft Video 45 ActiveX clsid access
RuleID : 15666 - Revision : 13 - Type : BROWSER-PLUGINS
2014-01-10 Microsoft Video 44 ActiveX clsid unicode access
RuleID : 15665 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10 Microsoft Video 44 ActiveX clsid access
RuleID : 15664 - Revision : 13 - Type : BROWSER-PLUGINS
2014-01-10 Microsoft Video 43 ActiveX clsid unicode access
RuleID : 15663 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10 Microsoft Video 43 ActiveX clsid access
RuleID : 15662 - Revision : 13 - Type : BROWSER-PLUGINS
2014-01-10 Microsoft Video 42 ActiveX clsid unicode access
RuleID : 15661 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10 Microsoft Video 42 ActiveX clsid access
RuleID : 15660 - Revision : 13 - Type : BROWSER-PLUGINS
2014-01-10 Microsoft Video 41 ActiveX clsid unicode access
RuleID : 15659 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10 Microsoft Video 41 ActiveX clsid access
RuleID : 15658 - Revision : 13 - Type : BROWSER-PLUGINS
2014-01-10 Microsoft Video 40 ActiveX clsid unicode access
RuleID : 15657 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10 Microsoft Video 40 ActiveX clsid access
RuleID : 15656 - Revision : 13 - Type : BROWSER-PLUGINS
2014-01-10 Microsoft Video 4 ActiveX clsid unicode access
RuleID : 15655 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10 Microsoft Video 4 ActiveX clsid access
RuleID : 15654 - Revision : 13 - Type : BROWSER-PLUGINS
2014-01-10 Microsoft Video 39 ActiveX clsid unicode access
RuleID : 15653 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10 Microsoft Video 39 ActiveX clsid access
RuleID : 15652 - Revision : 13 - Type : BROWSER-PLUGINS
2014-01-10 Microsoft Video 38 ActiveX clsid unicode access
RuleID : 15651 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10 Microsoft Video 38 ActiveX clsid access
RuleID : 15650 - Revision : 13 - Type : BROWSER-PLUGINS
2014-01-10 Microsoft Video 37 ActiveX clsid unicode access
RuleID : 15649 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10 Microsoft Video 37 ActiveX clsid access
RuleID : 15648 - Revision : 13 - Type : BROWSER-PLUGINS
2014-01-10 Microsoft Video 36 ActiveX clsid unicode access
RuleID : 15647 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10 Microsoft Video 36 ActiveX clsid access
RuleID : 15646 - Revision : 13 - Type : BROWSER-PLUGINS
2014-01-10 Microsoft Video 35 ActiveX clsid unicode access
RuleID : 15645 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10 Microsoft Video 35 ActiveX clsid access
RuleID : 15644 - Revision : 13 - Type : BROWSER-PLUGINS
2014-01-10 Microsoft Video 34 ActiveX clsid unicode access
RuleID : 15643 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10 Microsoft Video 34 ActiveX clsid access
RuleID : 15642 - Revision : 13 - Type : BROWSER-PLUGINS
2014-01-10 Microsoft Video 33 ActiveX clsid unicode access
RuleID : 15641 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10 Microsoft Video 33 ActiveX clsid access
RuleID : 15640 - Revision : 13 - Type : BROWSER-PLUGINS
2014-01-10 Microsoft Video 32 ActiveX clsid unicode access
RuleID : 15639 - Revision : 10 - Type : WEB-ACTIVEX
2014-01-10 Microsoft Video 32 ActiveX clsid access
RuleID : 15638 - Revision : 18 - Type : BROWSER-PLUGINS
2014-01-10 Microsoft Video 31 ActiveX clsid unicode access
RuleID : 15637 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10 Microsoft Video 31 ActiveX clsid access
RuleID : 15636 - Revision : 13 - Type : BROWSER-PLUGINS
2014-01-10 Microsoft Video 30 ActiveX clsid unicode access
RuleID : 15635 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10 Microsoft Video 30 ActiveX clsid access
RuleID : 15634 - Revision : 13 - Type : BROWSER-PLUGINS
2014-01-10 Microsoft Video 3 ActiveX clsid unicode access
RuleID : 15633 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10 Microsoft Video 3 ActiveX clsid access
RuleID : 15632 - Revision : 13 - Type : BROWSER-PLUGINS
2014-01-10 Microsoft Video 29 ActiveX clsid unicode access
RuleID : 15631 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10 Microsoft Video 29 ActiveX clsid access
RuleID : 15630 - Revision : 13 - Type : BROWSER-PLUGINS
2014-01-10 Microsoft Video 28 ActiveX clsid unicode access
RuleID : 15629 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10 Microsoft Video 28 ActiveX clsid access
RuleID : 15628 - Revision : 13 - Type : BROWSER-PLUGINS
2014-01-10 Microsoft Video 27 ActiveX clsid unicode access
RuleID : 15627 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10 Microsoft Video 27 ActiveX clsid access
RuleID : 15626 - Revision : 13 - Type : BROWSER-PLUGINS
2014-01-10 Microsoft Video 26 ActiveX clsid unicode access
RuleID : 15625 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10 Microsoft Video 26 ActiveX clsid access
RuleID : 15624 - Revision : 13 - Type : BROWSER-PLUGINS
2014-01-10 Microsoft Video 25 ActiveX clsid unicode access
RuleID : 15623 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10 Microsoft Video 25 ActiveX clsid access
RuleID : 15622 - Revision : 13 - Type : BROWSER-PLUGINS
2014-01-10 Microsoft Video 24 ActiveX clsid unicode access
RuleID : 15621 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10 Microsoft Video 24 ActiveX clsid access
RuleID : 15620 - Revision : 13 - Type : BROWSER-PLUGINS
2014-01-10 Microsoft Video 23 ActiveX clsid unicode access
RuleID : 15619 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10 Microsoft Video 23 ActiveX clsid access
RuleID : 15618 - Revision : 13 - Type : BROWSER-PLUGINS
2014-01-10 Microsoft Video 22 ActiveX clsid unicode access
RuleID : 15617 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10 Microsoft Video 22 ActiveX clsid access
RuleID : 15616 - Revision : 13 - Type : BROWSER-PLUGINS
2014-01-10 Microsoft Video 21 ActiveX clsid unicode access
RuleID : 15615 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10 Microsoft Video 21 ActiveX clsid access
RuleID : 15614 - Revision : 13 - Type : BROWSER-PLUGINS
2014-01-10 Microsoft Video 20 ActiveX clsid unicode access
RuleID : 15613 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10 Microsoft Video 20 ActiveX clsid access
RuleID : 15612 - Revision : 13 - Type : BROWSER-PLUGINS
2014-01-10 Microsoft Video 2 ActiveX clsid unicode access
RuleID : 15611 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10 Microsoft Video 2 ActiveX clsid access
RuleID : 15610 - Revision : 13 - Type : BROWSER-PLUGINS
2014-01-10 Microsoft Video 19 ActiveX clsid unicode access
RuleID : 15609 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10 Microsoft Video 19 ActiveX clsid access
RuleID : 15608 - Revision : 13 - Type : BROWSER-PLUGINS
2014-01-10 Microsoft Video 18 ActiveX clsid unicode access
RuleID : 15607 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10 Microsoft Video 18 ActiveX clsid access
RuleID : 15606 - Revision : 13 - Type : BROWSER-PLUGINS
2014-01-10 Microsoft Video 17 ActiveX clsid unicode access
RuleID : 15605 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10 Microsoft Video 17 ActiveX clsid access
RuleID : 15604 - Revision : 13 - Type : BROWSER-PLUGINS
2014-01-10 Microsoft Video 16 ActiveX clsid unicode access
RuleID : 15603 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10 Microsoft Video 16 ActiveX clsid access
RuleID : 15602 - Revision : 13 - Type : BROWSER-PLUGINS
2014-01-10 Microsoft Video 15 ActiveX clsid unicode access
RuleID : 15601 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10 Microsoft Video 15 ActiveX clsid access
RuleID : 15600 - Revision : 13 - Type : BROWSER-PLUGINS
2014-01-10 Microsoft Video 14 ActiveX clsid unicode access
RuleID : 15599 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10 Microsoft Video 14 ActiveX clsid access
RuleID : 15598 - Revision : 13 - Type : BROWSER-PLUGINS
2014-01-10 Microsoft Video 13 ActiveX clsid unicode access
RuleID : 15597 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10 Microsoft Video 13 ActiveX clsid access
RuleID : 15596 - Revision : 13 - Type : BROWSER-PLUGINS
2014-01-10 Microsoft Video 12 ActiveX clsid unicode access
RuleID : 15595 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10 Microsoft Video 12 ActiveX clsid access
RuleID : 15594 - Revision : 13 - Type : BROWSER-PLUGINS
2014-01-10 Microsoft Video 11 ActiveX clsid unicode access
RuleID : 15593 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10 Microsoft Video 11 ActiveX clsid access
RuleID : 15592 - Revision : 13 - Type : BROWSER-PLUGINS
2014-01-10 Microsoft Video 10 ActiveX clsid unicode access
RuleID : 15591 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10 Microsoft Video 10 ActiveX clsid access
RuleID : 15590 - Revision : 13 - Type : BROWSER-PLUGINS
2014-01-10 Microsoft Video 1 ActiveX clsid unicode access
RuleID : 15589 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10 Microsoft Video 1 ActiveX clsid access
RuleID : 15588 - Revision : 13 - Type : BROWSER-PLUGINS

Metasploit Database

id Description
2009-07-05 Microsoft DirectShow (msvidctl.dll) MPEG-2 Memory Corruption

Nessus® Vulnerability Scanner

Date Description
2011-01-27 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_flash-player-6386.nasl - Type : ACT_GATHER_INFO
2010-10-11 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_java-1_5_0-ibm-6741.nasl - Type : ACT_GATHER_INFO
2010-03-01 Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_c97d7a37223311df96dd001b2134ef46.nasl - Type : ACT_GATHER_INFO
2010-02-12 Name : The remote Windows host has a program affected by multiple buffer overflows.
File : openoffice_32.nasl - Type : ACT_GATHER_INFO
2010-01-08 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_java-1_5_0-ibm-6740.nasl - Type : ACT_GATHER_INFO
2009-12-27 Name : The remote SuSE 9 host is missing a security-related patch.
File : suse9_12564.nasl - Type : ACT_GATHER_INFO
2009-12-08 Name : Arbitrary code can be executed on the remote host through a web browser.
File : smb_nt_ms09-072.nasl - Type : ACT_GATHER_INFO
2009-11-05 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_java-1_6_0-ibm-091102.nasl - Type : ACT_GATHER_INFO
2009-10-14 Name : Arbitrary code can be executed on the remote host through Microsoft Office Ac...
File : smb_nt_ms09-060.nasl - Type : ACT_GATHER_INFO
2009-10-13 Name : The remote Windows host has multiple ActiveX controls that are affected by mu...
File : smb_nt_ms09-055.nasl - Type : ACT_GATHER_INFO
2009-10-06 Name : The remote openSUSE host is missing a security update.
File : suse_flash-player-6387.nasl - Type : ACT_GATHER_INFO
2009-09-24 Name : The remote SuSE 11 host is missing a security update.
File : suse_11_flash-player-090731.nasl - Type : ACT_GATHER_INFO
2009-08-11 Name : Arbitrary code can be executed on the remote host through Microsoft Active Te...
File : smb_nt_ms09-037.nasl - Type : ACT_GATHER_INFO
2009-08-05 Name : The remote openSUSE host is missing a security update.
File : suse_11_0_flash-player-090731.nasl - Type : ACT_GATHER_INFO
2009-08-05 Name : The remote openSUSE host is missing a security update.
File : suse_11_1_flash-player-090731.nasl - Type : ACT_GATHER_INFO
2009-07-30 Name : Arbitrary code can be executed on the remote host through Microsoft Active Te...
File : smb_nt_ms09-035.nasl - Type : ACT_GATHER_INFO
2009-07-30 Name : The remote Windows host contains a browser plugin that is affected by multipl...
File : flash_player_apsb09_10.nasl - Type : ACT_GATHER_INFO
2009-07-29 Name : The remote Windows host contains an Internet Explorer plugin which uses a vul...
File : shockwave_player_apsb09_11.nasl - Type : ACT_GATHER_INFO
2009-07-07 Name : The remote Windows host is missing a security update containing ActiveX kill ...
File : smb_kb_972890.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
1
2
3
Date Informations
2020-05-23 13:17:13
  • Multiple Updates
2014-02-17 11:46:17
  • Multiple Updates
2014-01-19 21:30:20
  • Multiple Updates
2013-11-11 12:41:12
  • Multiple Updates