CVE-2009-0901

HIGH
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold, and Visual C++ 2005 SP1 and 2008 Gold and SP1; and Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2; does not prevent VariantClear calls on an uninitialized VARIANT, which allows remote attackers to execute arbitrary code via a malformed stream to an ATL (1) component or (2) control, related to ATL headers and error handling, aka "ATL Uninitialized Object Vulnerability."

References

http://blogs.technet.com/srd/archive/2009/08/11/ms09-037-why-we-are-using-cve-s-already-used-in-ms09-035.aspx

http://marc.info/?l=bugtraq&m=126592505426855&w=2

http://secunia.com/advisories/35967

http://secunia.com/advisories/36187

http://secunia.com/advisories/36374

http://secunia.com/advisories/36746

http://sunsolve.sun.com/search/document.do?assetkey=1-66-266108-1

http://www.adobe.com/support/security/advisories/apsa09-04.html

http://www.adobe.com/support/security/bulletins/apsb09-10.html

http://www.adobe.com/support/security/bulletins/apsb09-11.html

http://www.adobe.com/support/security/bulletins/apsb09-13.html

http://www.novell.com/support/viewContent.do?externalId=7004997&sliceId=1

http://www.securityfocus.com/bid/35832

http://www.us-cert.gov/cas/techalerts/TA09-195A.html

http://www.us-cert.gov/cas/techalerts/TA09-223A.html

http://www.us-cert.gov/cas/techalerts/TA09-286A.html

http://www.vupen.com/english/advisories/2009/2034

http://www.vupen.com/english/advisories/2009/2232

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-035

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-037

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-060

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6289

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6311

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6373

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7581

Details

Source: MITRE

Published: 2009-07-29

Updated: 2018-10-12

Type: CWE-94

Risk Information

CVSS v2

Base Score: 9.3

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Impact Score: 10

Exploitability Score: 8.6

Severity: HIGH

Tenable Plugins

View all (11 total)

IDNameProductFamilySeverity
108811Windows Server 2008 Critical RCE Vulnerabilities (uncredentialed) (PCI/DSS)NessusWindows
critical
51731SuSE 10 Security Update : flash-player (ZYPP Patch Number 6386)NessusSuSE Local Security Checks
high
42116MS09-060: Vulnerabilities in Microsoft Active Template Library (ATL) ActiveX Controls for Microsoft Office Could Allow Remote Code Execution (973965)NessusWindows : Microsoft Bulletins
high
42001openSUSE 10 Security Update : flash-player (flash-player-6387)NessusSuSE Local Security Checks
high
41392SuSE 11 Security Update : flash-player (SAT Patch Number 1149)NessusSuSE Local Security Checks
high
40556MS09-037: Vulnerabilities in Microsoft Active Template Library (ATL) Could Allow Remote Code Execution (973908)NessusWindows : Microsoft Bulletins
high
40489openSUSE Security Update : flash-player (flash-player-1148)NessusSuSE Local Security Checks
high
40488openSUSE Security Update : flash-player (flash-player-1148)NessusSuSE Local Security Checks
high
40435MS09-035: Vulnerabilities in Visual Studio Active Template Library Could Allow Remote Code Execution (969706)NessusWindows : Microsoft Bulletins
high
40434Flash Player < 9.0.246.0 / 10.0.32.18 Multiple Vulnerabilities (APSB09-10)NessusWindows
high
40421Shockwave Player < 11.5.0.601 Multiple Vulnerabilities (APSB09-11)NessusWindows
high