Remote Code Execution in Microsoft Visual Studio Components and Windows OS
CVE-2009-0901

Currently unrated

Key Information:

Vendor

Microsoft
Status
Visual C\+\+
Visual Studio .net
Visual Studio
Vendor
CVE Published:
29 July 2009

What is CVE-2009-0901?

A vulnerability exists in the Active Template Library (ATL) of Microsoft Visual Studio and Windows operating systems. This issue arises due to the failure to adequately handle calls to VariantClear on an uninitialized VARIANT. Malicious actors could exploit this flaw by sending a malformed data stream to an ATL component or control, which may lead to the execution of arbitrary code on the vulnerable system. Such exploits can compromise user data and further extend the attack to other networked systems.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.adobe.com/support/security/bulletins/apsb09-11...
x_refsource_CONFIRM
http://sunsolve.sun.com/search/document.do?assetkey=1-66-...
vendor-advisoryx_refsource_SUNALERT
http://www.securityfocus.com/bid/35832
vdb-entryx_refsource_BID

EPSS Score

66% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.