Oval Definition:oval:org.mitre.oval:def:7581
Revision Date:2015-08-10
Version:78
Title:ATL Uninitialized Object Vulnerability
Description:The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold, and Visual C++ 2005 SP1 and 2008 Gold and SP1; and Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2; does not prevent VariantClear calls on an uninitialized VARIANT, which allows remote attackers to execute arbitrary code via a malformed stream to an ATL (1) component or (2) control, related to ATL headers and error handling, aka "ATL Uninitialized Object Vulnerability."
Family:windows
Class:vulnerability
Status:ACCEPTED
Reference(s):CVE-2009-0901
Platform(s):Microsoft Windows 2000
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows XP
Product(s):Microsoft Office Visio Viewer 2003
Microsoft Office Visio Viewer 2007
Microsoft Outlook 2002
Microsoft Outlook 2003
Microsoft Outlook 2007
Microsoft Outlook Express 5.5
Microsoft Outlook Express 6.0
Microsoft Visio Viewer 2002
Microsoft Visual C++ 2005 Redistributable Package
Microsoft Visual C++ 2008 Redistributable Package
Microsoft Visual Studio .NET 2003
Microsoft Visual Studio 2005
Microsoft Visual Studio 2008
Windows Media Player 10
Windows Media Player 11
Windows Media Player 9
Definition Synopsis
  • Outlook 2002
  • Microsoft Outlook 2002 is installed
  • AND the version of Outllib.dll is less than 10.0.6856.0
  • OR Outlook 2003
  • Microsoft Outlook 2003 is installed
  • AND the version of Outllib.dll is less than 11.0.8313.0
  • OR Outlook 2007
  • Microsoft Outlook 2007
  • Microsoft Outlook 2007 SP1 is installed
  • OR Microsoft Outlook 2007 SP2 is installed
  • AND the version of Outlook.exe is less than 12.0.6514.5000
  • OR Microsoft Visio Viewer 2002 is installed
  • OR Microsoft Office Visio Viewer 2003 is installed
  • OR Microsoft Office Visio Viewer 2007
  • Microsoft Office Visio Viewer 2007 is installed
  • AND the version of Vviewer.dll is less than 12.0.6513.5000
  • OR Microsoft Visual Studio .NET 2003 SP1
  • Microsoft Visual Studio .NET 2003 SP1 is installed
  • AND the version of Mfc71.dll is less than 7.10.6101.0
  • OR Microsoft Visual Studio 2005 SP1
  • Microsoft Visual Studio 2005 Service Pack 1 is installed
  • AND the version of ATL80.dll is less than 8.0.50727.4053
  • AND ATL80.dll exists
  • OR Microsoft Visual Studio 2008
  • Microsoft Visual Studio 2008 is installed
  • AND the version of ATL90.dll is less than 9.0.21022.218
  • AND ATL90.dll exists
  • OR Microsoft Visual Studio 2008 SP1
  • Microsoft Visual Studio 2008 Service Pack 1 is installed
  • AND the version of ATL90.dll is less than 9.0.30729.4148
  • AND ATL90.dll exists
  • OR Microsoft Visual C++ 2005 Redistributable Package
  • Microsoft Visual C++ 2005 Redistributable Package is installed
  • AND vulnerable version
  • the version of %SystemRoot%\WinSxS\(x86|amd64)_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.[0-9]{1,4}.*\atl80.dll is less than 8.0.50727.4053
  • OR the version of %SystemRoot%\winsxs\(x86|amd64)_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.[0-9]{1,4}.*\atl80.dll is less than 8.0.50727.4053
  • OR Microsoft Visual C++ 2008 Redistributable Package
  • Microsoft Visual C++ 2008 Redistributable Package is installed
  • AND vulnerable version
  • the version of %SystemRoot%\WinSxS\(x86|amd64)_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.[0-9]{1,4}.*\atl90.dll is less than 9.0.30729.4148
  • OR the version of %SystemRoot%\winsxs\(x86|amd64)_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.[0-9]{1,4}.*\atl90.dll is less than 9.0.30729.4148
  • OR Microsoft Outlook Express 5.5 SP2 on Windows 2000
  • Microsoft Windows 2000 is installed
  • AND Microsoft Outlook Express 5.5 SP2 is installed.
  • AND the version of Msoe.dll is less than 5.50.5003.1000
  • OR Microsoft Outlook Express 6 SP1 on Windows 2000
  • Microsoft Windows 2000 is installed
  • AND Microsoft Outlook Express 6 SP1 is installed.
  • AND the version of Msoe.dll is less than 6.0.2800.1983
  • OR Microsoft Outlook Express 6 on Windows XP x86
  • Microsoft Outlook Express 6.0 for Windows XP/2003 is installed
  • AND Check for affected platforms with vulnerable file
  • Check for Windows XP x86
  • Microsoft Windows XP (32-bit) is installed
  • AND the version of Msoe.dll is less than 6.0.2900.3598
  • OR Check for Windows XP x86
  • Microsoft Windows XP (32-bit) is installed
  • AND the version of Msoe.dll is less than 6.0.2900.5843
  • OR Check for Windows XP (64-bit) and 2003 x86/x64/ia64
  • OS Check
  • Microsoft Windows Server 2003 (32-bit) is installed
  • OR Microsoft Windows Server 2003 (x64) is installed
  • OR Microsoft Windows Server 2003 (ia64) Gold is installed
  • OR Microsoft Windows XP x64 is installed
  • AND the version of Msoe.dll is less than 6.0.3790.4548
  • OR Windows Media Player 9 on Windows 2000 (KB973540)
  • Microsoft Windows 2000 is installed
  • AND Windows Media Player v9 is installed.
  • AND file checks
  • the version of Wmp.dll is less than 9.0.0.3364
  • OR Wmpdxm.dll version is less than 9.0.0.3364
  • OR Windows Media Player 9 on Windows XP x86 (KB973540)
  • Microsoft Windows XP (32-bit) is installed
  • AND Windows Media Player v9 is installed.
  • AND file checks
  • the version of Wmp.dll is less than 9.0.0.3364
  • OR Wmpdxm.dll version is less than 9.0.0.3364
  • OR Windows Media Player 9 on Windows XP x86 (KB973540)
  • Microsoft Windows XP (32-bit) is installed
  • AND Windows Media Player v9 is installed.
  • AND file checks
  • Wmp.dll version is less than 9.0.0.4507
  • OR Wmpdxm.dll version is less than 9.0.0.4507
  • OR Windows Media Player 10 on Windows XP x86/x64, Server 2003 x86/x64 (KB973540)
  • Windows Media Player v10 is installed.
  • AND Check for affected platforms with vulnerable file
  • Check for Windows XP
  • Microsoft Windows XP (32-bit) is installed
  • AND file checks
  • Wmp.dll version is less than 10.0.0.4074
  • OR Wmpdxm.dll version is less than 10.0.0.4074
  • OR Check for Windows XP x64, Windows Server 2003 x64
  • OS Check
  • Microsoft Windows Server 2003 (x64) is installed
  • OR Microsoft Windows XP x64 is installed
  • AND file checks
  • the version of Wwmp.dll is less than 10.0.0.4006
  • OR Wwmpdxm.dll version is less than 10.0.0.4006
  • OR Check for Windows Server 2003 x86
  • Microsoft Windows Server 2003 (32-bit) is installed
  • AND file checks
  • the version of Wmp.dll is less than 10.0.0.4006
  • OR Wmpdxm.dll version is less than 10.0.0.4006
  • OR Windows Media Player 11 on Windows XP x86/x64 (KB973540)
  • OS Check
  • Microsoft Windows XP (32-bit) is installed
  • OR Microsoft Windows XP x64 is installed
  • AND Windows Media Player v11 is installed.
  • AND file checks
  • Wmp.dll version is less than 11.0.5721.5268
  • OR Wmpdxm.dll version is less than 11.0.5721.5268
  • OR Windows Media Player 11 on Windows Vista 32-bit/64-bit RTM (KB973540)
  • OS Check
  • Microsoft Windows Vista (32-bit) is installed
  • OR Microsoft Windows Vista x64 Edition is installed
  • AND Windows Media Player v11 is installed.
  • AND GDR/LDR version check
  • the version of Wmp.dll is less than 11.0.6000.6352
  • OR Wmpdxm.dll version is less than 11.0.6000.6352
  • OR LDR version check
  • the version of Spwmp.dll is greater than or equal to 6.0.6000.20000
  • AND file checks
  • the version of Wmp.dll is less than 11.0.6000.6511
  • OR Wmpdxm.dll version is less than 11.0.6000.6511
  • OR Windows Media Player 11 on Windows Vista 32/64-bit, Server 2008 32/64-bit (KB973540)
  • OS Check
  • Microsoft Windows Vista (32-bit) is installed
  • OR Microsoft Windows Vista x64 Edition is installed
  • OR Microsoft Windows Server 2008 (32-bit) is installed
  • OR Microsoft Windows Server 2008 (64-bit) is installed
  • AND Windows Media Player v11 is installed.
  • AND GDR/LDR version check
  • Wmp.dll version is less than 11.0.6001.7007
  • OR Wmpdxm.dll version is less than 11.0.6001.7007
  • OR LDR version check
  • Spwmp.dll version is greater than or equal to 6.0.6001.22000
  • AND file checks
  • Wmp.dll version is less than 11.0.6001.7114
  • OR Wmpdxm.dll version is less than 11.0.6001.7114
  • OR Windows Media Player 11 on Windows Vista 32/64-bit, Server 2008 32/64-bit (KB973540)
  • OS Check
  • Microsoft Windows Vista (32-bit) is installed
  • OR Microsoft Windows Vista x64 Edition is installed
  • OR Microsoft Windows Server 2008 (32-bit) is installed
  • OR Microsoft Windows Server 2008 (64-bit) is installed
  • AND Windows Media Player v11 is installed.
  • AND GDR/LDR version check
  • Wmp.dll version is less than 11.0.6002.18065
  • OR Wmpdxm.dll version is less than 11.0.6002.18065
  • OR LDR version check
  • Spwmp.dll version is greater than or equal to 6.0.6002.22000
  • AND file checks
  • Wmp.dll version is less than 11.0.6002.22172
  • OR Wmpdxm.dll version is less than 11.0.6002.22172
  • OR Windows ATL Component on Windows 2000
  • Microsoft Windows 2000 is installed
  • AND the version of atl.dll is less than 3.0.9794.0
  • OR Windows ATL Component on Windows XP, Server 2003, Vista, Server 2008
  • OS Check
  • Microsoft Windows XP (32-bit) is installed
  • OR Microsoft Windows Server 2003 (32-bit) is installed
  • OR Microsoft Windows Server 2003 (x64) is installed
  • OR Microsoft Windows Server 2003 (ia64) Gold is installed
  • OR Microsoft Windows Vista (32-bit) is installed
  • OR Microsoft Windows Vista x64 Edition is installed
  • OR Microsoft Windows Server 2008 (32-bit) is installed
  • OR Microsoft Windows Server 2008 (64-bit) is installed
  • OR Microsoft Windows Server 2008 (ia-64) is installed
  • OR Microsoft Windows XP x64 is installed
  • AND the version of atl.dll is less than 3.5.2284.2
  • OR DHTML Editing Component ActiveX Control on Windows 2000
  • Microsoft Windows 2000 is installed
  • AND the version of dhtmled.ocx is less than 6.1.0.9234
  • OR DHTML Editing Component ActiveX Control on Windows XP or Server 2003 x86
  • OS Check
  • Microsoft Windows XP (32-bit) is installed
  • OR Microsoft Windows Server 2003 (32-bit) is installed
  • AND the version of dhtmled.ocx is less than 6.1.0.9247
  • OR DHTML Editing Component ActiveX Control on Windows XP or Server 2003 64-bit
  • OS Check
  • Microsoft Windows Server 2003 (x64) is installed
  • OR Microsoft Windows Server 2003 (ia64) Gold is installed
  • OR Microsoft Windows XP x64 is installed
  • AND the version of wdhtmled.ocx is less than 6.1.0.9247
  • OR Microsoft MSWebDVD ActiveX Control on Windows XP x86
  • Microsoft Windows XP (32-bit) is installed
  • AND Mswebdvd.dll version is less than 6.5.2600.3610
  • OR Microsoft MSWebDVD ActiveX Control on Windows XP x86
  • Microsoft Windows XP (32-bit) is installed
  • AND Mswebdvd.dll version is less than 6.5.2600.5857
  • OR Microsoft MSWebDVD ActiveX Control on Windows XP x64, Server 2003 x86/x64
  • OS Check
  • Microsoft Windows Server 2003 (32-bit) is installed
  • OR Microsoft Windows Server 2003 (x64) is installed
  • OR Microsoft Windows XP x64 is installed
  • AND the version of Mswebdvd.dll is less than 6.5.3790.4565
  • OR Microsoft MSWebDVD ActiveX Control on Server 2003 ia64
  • Microsoft Windows Server 2003 (ia64) Gold is installed
  • AND the version of Mswebdvd.dll is less than 6.5.3790.3386
  • OR Microsoft HtmlInput Object ActiveX Control in Windows Vista
  • OS Check for Windows Vista x86/x64
  • Microsoft Windows Vista (32-bit) is installed
  • OR Microsoft Windows Vista x64 Edition is installed
  • AND GDR/LDR version check
  • the version of Ehkeyctl.dll is less than 6.0.6000.16891
  • OR LDR version check
  • the version of Ehkeyctl.dll is greater than or equal to 6.0.6000.20000
  • AND the version of Ehkeyctl.dll is less than 6.0.6000.21090
  • OR Microsoft HtmlInput Object ActiveX Control in Windows Vista
  • OS Check
  • Microsoft Windows Vista (32-bit) is installed
  • OR Microsoft Windows Vista x64 Edition is installed
  • AND GDR/LDR version Check
  • the version of Ehkeyctl.dll is less than 6.0.6001.18295
  • OR LDR version check
  • the version of Ehkeyctl.dll is greater than or equal to 6.0.6001.22000
  • AND the version of Ehkeyctl.dll is less than 6.0.6001.22476
  • OR Microsoft HtmlInput Object ActiveX Control in Windows Vista
  • OS check
  • Microsoft Windows Vista (32-bit) is installed
  • OR Microsoft Windows Vista x64 Edition is installed
  • AND GDR/LDR version check
  • the version of Ehkeyctl.dll is less than 6.0.6002.18072
  • OR LDR version check
  • the version of Ehkeyctl.dll is greater than or equal to 6.0.6002.22000
  • AND the version of Ehkeyctl.dll is less than 6.0.6002.22181