Microsoft ATL Multiple ActiveX Remote Code Executions (MS09-037; CVE-2008-0020; CVE-2009-2493; CVE-2009-2494)

The Active Template Library ATL is a set of template-based C++ classes that simplify the programming of Component Object Model COM objects. Multiple remote code execution vulnerabilities have been reported in the Microsoft ATL. The vulnerabilities are due to an error in the Load method of the...

iDefense Security Advisory 07.28.09: Multiple Vendor Microsoft ATL/MFC ActiveX Information Disclosure Vulnerability

iDefense Security Advisory 07.28.09 http://labs.idefense.com/intelligence/vulnerabilities/ Jul 28, 2009 I. BACKGROUND Microsoft's Component Object Model COM was designed to allow interoperability between disjointed software components. It is a standardized interface solution to the programming...

Vulnerabilities in Microsoft ATL Could Allow Remote Code Execution (973908)

This host is missing a critical security update according to Microsoft Bulletin MS09-037. OpenVAS Vulnerability Test $Id: secpodms09-037.nasl 5363 2017-02-20 13:07:22Z cfi $ Vulnerabilities in Microsoft ATL Could Allow Remote Code Execution 973908 Authors: Antu Sanadi Updated By: Madhuri D on...

ActiveX controls built with Microsoft ATL fail to properly handle initialization data

Overview ActiveX controls that are built using a Microsoft ATL template may fail to properly handle initialization data, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Microsoft Active Template Library ATL is a set of C++ classes...