Microsoft Windows Activex Controls Atl "oleloadfromstream()" Vulnerability

Peaches

By Peaches,
in Security Alerts

 Share Followers 0

Recommended Posts

Peaches

Peaches

Posted
Posted
Microsoft Windows ActiveX Controls ATL "OleLoadFromStream()" Vulnerability

Extremely critical

Description:

A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to bypass certain security restrictions and compromise a user's system.

The vulnerability is caused due to multiple ActiveX controls using the "OleLoadFromStream()" ATL function in an unsafe manner.

This is related to vulnerability #2 in:

SA35967 - http://secunia.com/advisories/35967/

Successful exploitation allows execution of arbitrary code.

NOTE: This vulnerability is reportedly being actively exploited.

OS -

Microsoft Windows 2000 Advanced Server

Microsoft Windows 2000 Datacenter Server

Microsoft Windows 2000 Professional

Microsoft Windows 2000 Server

Microsoft Windows 7

Microsoft Windows Server 2003 Datacenter Edition

Microsoft Windows Server 2003 Enterprise Edition

Microsoft Windows Server 2003 Standard Edition

Microsoft Windows Server 2003 Web Edition

Microsoft Windows Server 2008

Microsoft Windows Storage Server 2003

Microsoft Windows Vista

Microsoft Windows XP Home Edition

Microsoft Windows XP Professional

Secunia advisories - http://secunia.com/advisories/36997/

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
 Share
Followers 0
Go to topic listing