[Forgot Password]
Login  Register Subscribe

23631

 
 

126941

 
 

98503

 
 

909

 
 

79321

 
 

109

Paid content will be excluded from the download.


Download | Alert*
OVAL

Remote Code Execution Vulnerabilities in Microsoft Active Template Library (ATL) - MS09-037

ID: oval:org.secpod.oval:def:2621Date: (C)2011-11-11   (M)2017-10-04
Class: PATCHFamily: windows




The host is missing a critical security update according to Microsoft security bulletin, MS09-037. The update is required to fix remote code execution vulnerabilities. The flaws are present in the Microsoft Active Template Library (ATL) header. Components and controls built using ATL headers fails to safely initialize from a data and also does not provide updated versions. Successful exploitation allows an attacker to execute arbitrary code or take complete control of an affected system

Platform:
Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows Server 2008
Product:
Microsoft Outlook Express
Windows Media Player
Windows ATL Component
DHTML Editing Component ActiveX Control
HtmlInput Object ActiveX Control
Reference:
MS09-037
CVE-2008-0015
CVE-2008-0020
CVE-2009-0901
CVE-2009-2493
CVE-2009-2494
CVE    5
CVE-2009-2494
CVE-2009-2493
CVE-2008-0015
CVE-2008-0020
...
CPE    37
cpe:/a:microsoft:outlook_express:6.00.2800.1106
cpe:/o:microsoft:windows_vista::sp1:x86
cpe:/o:microsoft:windows_xp::sp2:x86
cpe:/o:microsoft:windows_xp::sp3:x86
...
XCCDF    6
xccdf_com.secpod_benchmark_microsoft-windows-server-2008
xccdf_com.secpod_benchmark_microsoft-windows-server-2003
xccdf_com.secpod_benchmark_microsoft-windows-2000
xccdf_scaprepo.com_benchmark_microsoft-windows-server-2003
...

© 2013 SecPod Technologies