CVSS2
Attack Vector: NETWORK
Attack Complexity: MEDIUM
Authentication: NONE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
AI Score
Confidence: High
EPSS
Percentile: 98.9%
ActiveX controls that are built using a Microsoft ATL template may fail to properly handle initialization data, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system.
OleLoadFromStream, and the failure to check for a terminating NULL character. This may result in memory corruption that can be leveraged to execute code, or it may bypass Internet Explorer kill bit restrictions on unsafe controls.
Apply an update
This vulnerability has been addressed in the update for Internet Explorer provided in Microsoft Security Bulletin MS09-034. This update helps prevent ActiveX controls that were built with the vulnerable ATL versions from being initialized with unsafe data patterns in Internet Explorer. This also includes techniques that can be used to bypass the kill bit in Internet Explorer.
Update and recompile ActiveX controls
Developers who have created ActiveX controls using Microsoft ATL should install the update for Microsoft Security Bulletin MS09-035 and recompile the ActiveX controls. This will cause the controls to use an updated ATL version that addresses these vulnerabilities.
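As an added example (not code from CERT, Microsoft or the ATL library), the C below models loading one persisted property from an untrusted stream with the checks whose absence the note describes: a string property must declare a length that fits both the bytes actually present and the destination buffer, and must end in a NUL; an object property names a class id, and the loader refuses to instantiate any id that the host's own allow-list does not permit, which is the policy decision a kill bit is meant to enforce rather than something stream data should decide. The stream layout (little-endian u32 tag, u32 byte count, payload), the allow-list and every sample stream are constructed for this example and are not ATL's real persistence format.

```c
/* Added example, not CERT/Microsoft/ATL code: simplified loader for one
 * persisted property read from an untrusted byte stream. Layout used here
 * (constructed): u32 tag, u32 byte count, payload, all little-endian. */
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

#define TAG_STRING 1u   /* payload: bytes that must end in a NUL */
#define TAG_OBJECT 2u   /* payload: 16-byte class id of an object to create */
#define CLSID_LEN  16u

enum load_result {
    LOAD_OK = 0,
    LOAD_TRUNCATED,     /* declared length runs past the end of the stream */
    LOAD_TOO_LONG,      /* declared length exceeds the destination buffer */
    LOAD_UNTERMINATED,  /* string payload does not end in a NUL */
    LOAD_BAD_LENGTH,    /* object payload is not exactly one class id */
    LOAD_BAD_TAG,
    LOAD_CLSID_DENIED   /* class id is not one this host agrees to create */
};

struct stream { const uint8_t *p; size_t len; size_t pos; };

static int read_u32(struct stream *s, uint32_t *out) {
    if (s->len - s->pos < 4) return 0;
    *out = (uint32_t)s->p[s->pos] | ((uint32_t)s->p[s->pos + 1] << 8) |
           ((uint32_t)s->p[s->pos + 2] << 16) | ((uint32_t)s->p[s->pos + 3] << 24);
    s->pos += 4;
    return 1;
}

/* Constructed allow-list: the only class id this host will instantiate from
 * stream data. A real host consults its own policy, never the stream. */
static const uint8_t ALLOWED_CLSID[CLSID_LEN] = {
    0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88,
    0x99, 0xAA, 0xBB, 0xCC, 0xDD, 0xEE, 0xFF, 0x00 };
static const uint8_t UNLISTED_CLSID[CLSID_LEN] = { 0 };       /* constructed */
static const char LONG_TEXT[] = "this string is too long for dst"; /* 32 bytes incl. NUL */

/* Loads one property. Every length comes from the untrusted stream, so it is
 * checked against the bytes present and the destination before any copy. */
enum load_result load_property(const uint8_t *data, size_t len,
                               char *dst, size_t dst_cap, uint8_t *clsid_out) {
    struct stream s = { data, len, 0 };
    uint32_t tag, cb;
    if (!read_u32(&s, &tag) || !read_u32(&s, &cb)) return LOAD_TRUNCATED;
    if (cb > s.len - s.pos) return LOAD_TRUNCATED;  /* length lies about the stream */
    const uint8_t *payload = s.p + s.pos;

    switch (tag) {
    case TAG_STRING:
        if (cb > dst_cap) return LOAD_TOO_LONG;
        /* The terminator check: downstream code treats dst as a C string, so
         * an unterminated payload would be read past its end. */
        if (cb == 0 || payload[cb - 1] != '\0') return LOAD_UNTERMINATED;
        memcpy(dst, payload, cb);
        return LOAD_OK;
    case TAG_OBJECT:
        if (cb != CLSID_LEN) return LOAD_BAD_LENGTH;
        /* Never create whatever class the stream names; allow-listed ids only. */
        if (memcmp(payload, ALLOWED_CLSID, CLSID_LEN) != 0) return LOAD_CLSID_DENIED;
        memcpy(clsid_out, payload, CLSID_LEN);
        return LOAD_OK;
    default:
        return LOAD_BAD_TAG;
    }
}

/* Serialises a (possibly lying) header plus payload. Returns bytes written. */
size_t build_stream(uint8_t *out, uint32_t tag, uint32_t declared_cb,
                    const uint8_t *payload, size_t payload_len) {
    uint32_t v[2] = { tag, declared_cb };
    for (int i = 0; i < 2; i++)
        for (int b = 0; b < 4; b++) out[i * 4 + b] = (uint8_t)(v[i] >> (8 * b));
    if (payload_len) memcpy(out + 8, payload, payload_len);
    return 8 + payload_len;
}

static char last_text[16];
const char *loaded_text(void) { return last_text; }

/* Builds one constructed stream, runs the loader on it, returns the verdict. */
enum load_result run_case(uint32_t tag, uint32_t declared_cb,
                          const uint8_t *payload, size_t payload_len) {
    uint8_t buf[64], clsid[CLSID_LEN];
    memset(last_text, 0, sizeof last_text);
    size_t n = build_stream(buf, tag, declared_cb, payload, payload_len);
    return load_property(buf, n, last_text, sizeof last_text, clsid);
}

int main(void) {
    printf("terminated string:   %d\n", run_case(TAG_STRING, 3, (const uint8_t *)"hi", 3));
    printf("unterminated string: %d\n", run_case(TAG_STRING, 2, (const uint8_t *)"hi", 2));
    printf("length past stream:  %d\n", run_case(TAG_STRING, 0xFFFF, (const uint8_t *)"hi", 3));
    printf("oversized string:    %d\n", run_case(TAG_STRING, sizeof LONG_TEXT,
                                                  (const uint8_t *)LONG_TEXT, sizeof LONG_TEXT));
    printf("allow-listed object: %d\n", run_case(TAG_OBJECT, CLSID_LEN, ALLOWED_CLSID, CLSID_LEN));
    printf("unlisted object:     %d\n", run_case(TAG_OBJECT, CLSID_LEN, UNLISTED_CLSID, CLSID_LEN));
    return 0;
}
```

The point of the three string checks is that each rejects a different lie the stream can tell: a count larger than the stream, a count larger than the destination, and a count that is consistent with both but omits the terminator. The object branch shows why a recompile with a fixed ATL is the real remedy for the kill-bit bypass: the decision of which class may be created has to live in host policy, not in the bytes being loaded.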
Disable ActiveX
VU#456745
Updated: July 30, 2009
Affected
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Please see the Adobe PSIRT blog entry: Impact of Microsoft ATL vulnerability on Adobe Products. Adobe has released APSB09-11 for Shockwave Player and APSB09-10 for Flash Player.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
Notified: July 28, 2009 Updated: July 29, 2009
Statement Date: July 29, 2009
Affected
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: July 28, 2009 Updated: July 29, 2009
Statement Date: July 29, 2009
Affected
We have not received a statement from the vendor.
Cisco Systems has published Cisco Security Advisory cisco-sa-20090728-activex in response to this issue. Users of the affected product(s) should review this advisory and apply the mitigations it describes.
Notified: July 28, 2009 Updated: July 29, 2009
Affected
We have not received a statement from the vendor.
FirePass Controls for 5.5, 5.5.1, 5.5.2, 6.02, and 6.03; SAM 8.0 Controls are affected.
Updated: July 28, 2009
Affected
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Updated: August 04, 2009
Statement Date: August 03, 2009
Affected
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Please see the OSISoft Security Alert for more details.
Notified: July 28, 2009 Updated: February 24, 2010
Affected
We have not received a statement from the vendor.
Please see SoftArtisans support document 1331.
Notified: July 28, 2009 Updated: October 28, 2009
Statement Date: July 30, 2009
Affected
We have not received a statement from the vendor.
The XTSAC.cab file, which is used in the SSL-VPN 200, 2000 and 4000 products for IE browser-based RDP connections, is affected by the issue.
SonicWALL has addressed VU#456745 for the following products at the specified firmware version:
SSL-VPN 200: 3.5.0.2-7sv (posted 9/16/2009)
SSL-VPN 2000/4000: 3.5.0.11-29sv (posted 9/16/2009)
Updated: August 05, 2009
Statement Date: August 05, 2009
Affected
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Please see Sun Alert 264648 for more details.
Notified: July 28, 2009 Updated: July 31, 2009
Not Affected
No Apple products are affected by the ATL issue.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: July 28, 2009 Updated: July 29, 2009
Statement Date: July 28, 2009
Not Affected
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: July 28, 2009 Updated: July 30, 2009
Not Affected
We have not received a statement from the vendor.
This issue does not affect us since our ActiveX controls are based on MFC and do not use ATL templates.
Notified: July 28, 2009 Updated: August 04, 2009
Statement Date: July 31, 2009
Not Affected
Our development team has confirmed that VU#456745 does not affect any of our products.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: July 28, 2009 Updated: July 28, 2009
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
70 vendors listed in total.
Group | Score | Vector
---|---|---
Base | 0 | AV:–/AC:–/Au:–/C:–/I:–/A:–
Temporal | 0 | E:Not Defined (ND)/RL:Not Defined (ND)/RC:Not Defined (ND)
Environmental | 0 | CDP:Not Defined (ND)/TD:Not Defined (ND)/CR:Not Defined (ND)/IR:Not Defined (ND)/AR:Not Defined (ND)
Thanks to Microsoft for reporting this vulnerability, who in turn credit David Dewey of IBM ISS X-Force and Ryan Smith of Verisign iDefense labs.
This document was written by Will Dormann.
CVE IDs: CVE-2009-0901, CVE-2009-2493, CVE-2009-2495
Severity Metric: 47.08
Date Public:
addxorrol.blogspot.com/2009/07/poking-around-msvidctldll.html
blogs.adobe.com/psirt/2009/07/impact_of_microsoft_atl_vulner.html
blogs.msdn.com/sdl/archive/2009/07/28/atl-ms09-035-and-the-sdl.aspx
blogs.technet.com/bluehat/archive/2009/07/27/black-hat-usa-atl-killbit-bypass.aspx
blogs.technet.com/ecostrat/archive/2009/07/27/threat-complexity-requires-new-levels-of-collaboration.aspx
blogs.technet.com/msrc/archive/2009/07/28/microsoft-security-advisory-973882-microsoft-security-bulletins-ms09-034-and-ms09-035-released.aspx
blogs.technet.com/srd/archive/2009/07/28/atl-vulnerability-developer-deep-dive.aspx
blogs.technet.com/srd/archive/2009/07/28/internet-explorer-mitigations-for-atl-data-stream-vulnerabilities.aspx
blogs.technet.com/srd/archive/2009/07/28/msvidctl-ms09-032-and-the-atl-vulnerability.aspx
blogs.technet.com/srd/archive/2009/07/28/overview-of-the-out-of-band-release.aspx
msdn.microsoft.com/en-us/library/aa751977(VS.85).aspx
msdn.microsoft.com/en-us/library/ms680103(VS.85).aspx
msdn.microsoft.com/en-us/library/t9adwcde(VS.80).aspx
support.microsoft.com/kb/168371
support.microsoft.com/kb/240797
support.softartisans.com/kbview.aspx?ID=1331
www.adobe.com/support/security/advisories/apsa09-04.html
www.adobe.com/support/security/bulletins/apsb09-10.html
www.adobe.com/support/security/bulletins/apsb09-11.html
www.microsoft.com/security/atl.aspx
www.microsoft.com/technet/security/advisory/973882.mspx
www.microsoft.com/technet/security/bulletin/ms09-034.mspx
www.microsoft.com/technet/security/bulletin/ms09-035.mspx