Visual Studio Active Template Library object type mismatch vulnerability

Added: 08/24/2009
CVE: CVE-2009-2494
BID: 35982
OSVDB: 56910

Background

Microsoft Visual Studio is a product to assist with software development in the Windows operating system. Visual Studio uses Microsoft Active Template Library (ATL), which is a set of template-based C++ classes, to help simplify the programming of Component Object Model (COM) objects.

Problem

Microsoft ATL allows command execution due to an erroneous free operation after a program reads a variant from a stream and deletes this variant.

Resolution

Apply the patch referenced in Microsoft Security Bulletin 09-037.

References

http://www.microsoft.com/technet/security/bulletin/MS09-037.mspx

Limitations

Exploit works on Windows XP SP3 and requires a user to open the exploit page in Internet Explorer 6.

On the target machine, "Initialize and Script ActiveX controls not marked as safe" must be enabled in the Security Settings for Internet Explorer.

Platforms

Windows XP

Back to exploit index