Vulnerability Name:

CVE-2008-0020 (CCN-44625)

Assigned:2007-12-13
Published:2009-07-06
Updated:2018-10-12
Summary:Unspecified vulnerability in the Load method in the IPersistStreamInit interface in the Active Template Library (ATL), as used in the Microsoft Video ActiveX control in msvidctl.dll in DirectShow, in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows remote attackers to execute arbitrary code via unknown vectors that trigger memory corruption, aka "ATL Header Memcopy Vulnerability," a different vulnerability than CVE-2008-0015.
CVSS v3 Severity:10.0 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Changed
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
CVSS v2 Severity:9.3 High (CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C)
6.9 Medium (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
9.3 High (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C)
6.9 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Athentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
Vulnerability Type:CWE-94
Vulnerability Consequences:Gain Access
References:Source: MISC
Type: UNKNOWN
http://blogs.technet.com/srd/archive/2009/08/11/ms09-037-why-we-are-using-cve-s-already-used-in-ms09-035.aspx

Source: MITRE
Type: CNA
CVE-2008-0020

Source: CCN
Type: SA36187
Microsoft Windows Various Components ATL Vulnerabilities

Source: SECUNIA
Type: Vendor Advisory
36187

Source: CCN
Type: SECTRACK ID: 1022712
Microsoft Active Template Library (ATL) Bugs Let Remote Users Execute Arbitrary Code

Source: ISS
Type: UNKNOWN
20090706 Multiple Microsoft Video Control ActiveX Remote Code Execution Vulnerabilities

Source: CCN
Type: Microsoft Security Bulletin MS09-037
Vulnerabilities in Microsoft Active Template Library (ATL) Could Allow Remote Code Execution. (973908)

Source: CCN
Type: Microsoft Security Bulletin MS10-030
Vulnerability in Outlook Express and Windows Mail Could Allow Remote Code Execution (978542)

Source: CCN
Type: BID-35585
Microsoft Active Template Library 'IPersistStreamInit' Remote Code Execution Vulnerability

Source: SECTRACK
Type: UNKNOWN
1022712

Source: CERT
Type: US Government Resource
TA09-223A

Source: VUPEN
Type: Patch, Vendor Advisory
ADV-2009-2232

Source: MS
Type: UNKNOWN
MS09-037

Source: XF
Type: UNKNOWN
atl-stream-stack-bo(44625)

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:5850

Vulnerable Configuration:Configuration 1:
  • cpe:/o:microsoft:windows_2003_server:-:sp2:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_2003_server:-:sp2:itanium:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_2003_server:-:sp2:x64:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_xp:*:sp2:professional_x64:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_xp:-:sp2:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_xp:-:sp3:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/o:microsoft:windows_2000:-:sp4:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows:xp:sp2:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_xp:2005:sp3:media_center:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_vista:*:*:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows:server_2003:sp2:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows:server_2003:sp2:itanium:*:*:*:*:*
  • OR cpe:/o:microsoft:windows:server_2003:sp2:x64:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_vista:-:*:x64:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_xp::sp2:x64:*:professional:*:*:*
  • OR cpe:/o:microsoft:windows_vista:-:sp1:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_vista:-:sp1:x64:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_server_2008:*:*:*:*:*:*:itanium:*
  • OR cpe:/o:microsoft:windows_server_2008:*:*:*:*:*:*:x32:*
  • OR cpe:/o:microsoft:windows:xp:sp3:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_vista:-:sp2:x64:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_vista:-:sp2:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_server_2008:*:sp2:*:*:*:*:x32:*
  • OR cpe:/o:microsoft:windows_server_2008:*:sp2:*:*:*:*:itanium:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.mitre.oval:def:5850
    V
    		ATL Header Memcopy Vulnerability
    2014-08-18
    BACK
    microsoft windows 2003 server - sp2
    microsoft windows 2003 server - sp2
    microsoft windows 2003 server - sp2
    microsoft windows xp * sp2
    microsoft windows xp - sp2
    microsoft windows xp - sp3
    microsoft windows 2000 - sp4
    microsoft windows xp sp2
    microsoft windows xp 2005 sp3
    microsoft windows vista *
    microsoft windows server_2003 sp2
    microsoft windows server_2003 sp2
    microsoft windows server_2003 sp2
    microsoft windows vista -
    microsoft windows xp sp2
    microsoft windows vista - sp1
    microsoft windows vista - sp1
    microsoft windows server 2008 -
    microsoft windows server 2008 -
    microsoft windows xp sp3
    microsoft windows vista - sp2
    microsoft windows vista - sp2
    microsoft windows server 2008 sp2
    microsoft windows server 2008