(Microsoft Issues Fix for Office) Microsoft Visual Studio Active Template Library Bugs Let Remote Users Execute Arbitrary Code
|
|
SecurityTracker Alert ID: 1023015 |
|
SecurityTracker URL: http://securitytracker.com/id/1023015
|
|
CVE Reference:
CVE-2009-0901, CVE-2009-2493, CVE-2009-2495
(Links to External Site)
|
Date: Oct 13 2009
|
Impact:
Disclosure of system information, Disclosure of user information, Execution of arbitrary code via network, User access via network
|
Fix Available: Yes Vendor Confirmed: Yes
|
Version(s): XP SP3, 2003 SP3, 2007 SP2; and prior service packs
|
Description:
Several vulnerabilities were reported in Microsoft Visual Studio. A remote user can cause arbitrary code to be executed on the target user's system. Microsoft Office is affected.
A remote user can create a specially crafted file that, when loaded by the target user, will trigger a flaw in the Microsoft Active Template Library (ATL) and execute arbitrary code on the target system. The code will run with the privileges of the target user.
A specially crafted ATL header can cause the VariantClear() function to be called on an incorrectly initialized VARIANT [CVE-2009-0901].
A specially crafted ATL header can invoke OleLoadFromStream() to instantiate arbitrary objects that can bypass related security policy [CVE-2009-2493].
A specially crafted string without a terminating NULL character may allow a remote user to obtain potentially sensitive information [CVE-2009-2495].
David Dewey of IBM ISS X-Force reported one of the vulnerabilities. Ryan Smith of VeriSign iDefense Labs reported the other two vulnerabilities.
|
Impact:
A remote user can create HTML that, when loaded by the target user, will execute arbitrary code on the target user's system or access potentially sensitive information on the target user's system.
|
Solution:
Microsoft has issued a fix for Microsoft Office, which is affected by these vulnerabilities.
Microsoft Office XP Service Pack 3, Microsoft Outlook 2002 Service Pack 3:
http://www.microsoft.com/downloads/details.aspx?familyid=04878c2c-eb97-426f-be08-89036a6799db
Microsoft Office 2003 Service Pack 3, Microsoft Office Outlook 2003 Service Pack 3:
http://www.microsoft.com/downloads/details.aspx?familyid=79e2b2e8-d5e8-4014-b489-720af2b5083d
2007 Microsoft Office System Service Pack 1 and 2007 Microsoft Office System Service Pack 2, Microsoft Office Outlook 2007 Service Pack 1 and Microsoft Office Outlook 2007 Service Pack 2:
http://www.microsoft.com/downloads/details.aspx?familyid=d39234a3-c62c-44ba-a626-3179a183ca09
Microsoft Office Visio Viewer 2007, Microsoft Office Visio Viewer 2007 Service Pack 1, and Microsoft Office Visio Viewer 2007 Service Pack 2:
http://www.microsoft.com/downloads/details.aspx?familyid=d20004c5-dd01-459e-8120-5f127e20c085
A restart may be required.
The Microsoft advisory is available at:
http://www.microsoft.com/technet/security/bulletin/ms09-060.mspx
|
Vendor URL: www.microsoft.com/technet/security/Bulletin/MS09-060.mspx (Links to External Site)
|
Cause:
Access control error
|
Underlying OS:
Windows (Any)
|
|
Message History:
This archive entry is a follow-up to the message listed below.
|
Source Message Contents
|
Date: Tue, 13 Oct 2009 17:42:42 -0400
Subject: http://www.microsoft.com/technet/security/bulletin/ms09-060.mspx
|
Microsoft Security Bulletin MS09-060 - Critical: Vulnerabilities in Microsoft Active Template Library (ATL) ActiveX Controls for Microsoft Office Could Allow Remote Code Execution (973965)
CVE-2009-0901
CVE-2009-2493
CVE-2009-2495
|
|
