Internet threat level: 1
Home→Descriptions→SA35967
Microsoft Visual Studio Active Template Library Three Vulnerabilities
| Secunia ID | |
| CVE-ID | |
| Release Date |
28 Jul 2009 |
| Last Change |
12 Jan 2010 |
| Criticality | |
| Solution Status |
Vendor Patch |
| Software |
Microsoft Visual C++ 2005 Redistributable Package (x86) |
| Where | |
| Impact |
System accessThis covers vulnerabilities where malicious people are able to gain system access and execute arbitrary code with the privileges of a local user. Exposure of sensitive informationVulnerabilities where documents or credentials are leaked or can be revealed either locally or from remote. Security BypassThis covers vulnerabilities or security issues where malicious users or people can bypass certain security mechanisms of the application. The actual impact varies significantly depending on the design and purpose of the affected application. |
| Description |
Some vulnerabilities have been reported in Microsoft Visual Studio, which can be exploited by malicious people to potentially bypass security features, gain knowledge of sensitive information, or compromise applications built using ATL (Active Template Library). 1) An error in the ATL headers when handling persisted streams can be exploited to cause VariantClear() to be called on a VARIANT that has not been correctly initialised. This can e.g. be exploited to corrupt memory via a web page passing a specially crafted stream to a vulnerable control. Successful exploitation may allow execution of arbitrary code. 2) An error in the ATL headers when handling object instantiation from data streams may allow bypassing of security policies such as kill-bits in Internet Explorer if a control or component uses OleLoadFromStream() in an unsafe manner. 3) An error in ATL may result in a string being read without terminating NULL bytes, which can be exploited to disclose memory contents beyond the end of the string. |
| Solution |
Apply patches. Microsoft Visual Studio .NET 2003 SP1: Microsoft Visual Studio 2005 SP1: Microsoft Visual Studio 2005 SP1 64-bit Hosted Visual C++ Tools: Windows Embedded CE 6.0: Microsoft Visual Studio 2008: Microsoft Visual Studio 2008 SP1: Microsoft Visual C++ 2005 SP1 Redistributable Package: Microsoft Visual C++ 2008 Redistributable Package: Microsoft Visual C++ 2008 SP1 Redistributable Package: Microsoft Visual Studio 2005 SP1 when developing mobile applications: Microsoft Visual Studio 2008 when developing mobile applications: Microsoft Visual Studio 2008 SP1 when developing mobile applications: NOTE: It is also necessary for developers to rebuild any components and controls created using a vulnerable version of the ATL library. |
| Reported by |
1) The vendor credits David Dewey, IBM ISS X-Force. |
| Original Advisory |
MS09-035 (KB969706, KB971089, KB971090, KB971091, KB971092, KB973544, KB973551, KB973552, KB973830, KB973673, KB973674, KB973675): |
© 1997-2012 Kaspersky Lab ZAO. All Rights Reserved.
Industry-leading Antivirus Software.
Registered trademarks and service marks are the property of their respective owners.