The remote Windows host contains a version of the Microsoft Active Template Library (ATL), included as part of Visual Studio or Visual C++, that is affected by multiple vulnerabilities :

  - A remote code execution issue affects the Microsoft     Video ActiveX Control due to the a flaw in the function     'CComVariant::ReadFromStream' used in the ATL header,     which fails to properly restrict untrusted data read     from a stream. (CVE-2008-0015)

  - A remote code execution issue exists in the Microsoft     Active Template Library due to an error in the 'Load'     method of the 'IPersistStreamInit' interface, which     could allow calls to 'memcpy' with untrusted data.
    (CVE-2008-0020)

  - An issue in the ATL headers could allow an attacker to     force VariantClear to be called on a VARIANT that has     not been correctly initialized and, by supplying a     corrupt stream, to execute arbitrary code.
    (CVE-2009-0901)

  - Unsafe usage of 'OleLoadFromStream' could allow     instantiation of arbitrary objects which can bypass     related security policy, such as kill bits within     Internet Explorer. (CVE-2009-2493)

  - A bug in the ATL header could allow reading a variant     from a stream and leaving the variant type read with     an invalid variant, which could be leveraged by an     attacker to execute arbitrary code remotely.
    (CVE-2009-2494)

Detections

Analytics

MS09-037: Vulnerabilities in Microsoft Active Template Library (ATL) Could Allow Remote Code Execution (973908)

critical Nessus Plugin ID 40556

Version 1.30