OLE Object Instantiation Vulnerability in Microsoft Visual Studio and Windows
CVE-2009-2493

Currently unrated

Key Information:

Vendor

Microsoft
Status
Visual C\+\+
Vendor
CVE Published:
29 July 2009

What is CVE-2009-2493?

The vulnerability resides in the Active Template Library (ATL), which does not securely restrict the use of OleLoadFromStream. This flaw allows attackers to instantiate objects from potentially malicious data streams, enabling the execution of arbitrary code when users open specially crafted HTML documents that contain these ATL components. Proper security measures and restrictions put in place by the software are bypassed, leading to risks of unauthorized access and control over affected systems.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.adobe.com/support/security/bulletins/apsb09-11...
x_refsource_CONFIRM
http://sunsolve.sun.com/search/document.do?assetkey=1-66-...
vendor-advisoryx_refsource_SUNALERT
https://oval.cisecurity.org/repository/search/definition/...
vdb-entrysignaturex_refsource_OVAL

EPSS Score

42% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.