CVE-2009-0901
8.8 HIGHThe Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold, and Visual C++ 2005 SP1...
Published: 2009-07-29 · Last updated: 2026-05-27
Severity and scoring
- CVSS
- 8.8 HIGH
- Vector
- CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
- CWE
- CWE-457, CWE-94
Affected products
| Vendor | Product |
|---|---|
| microsoft | visual_c\+\+, visual_studio, visual_studio_.net |
Description
The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold, and Visual C++ 2005 SP1 and 2008 Gold and SP1; and Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2; does not prevent VariantClear calls on an uninitialized VARIANT, which allows remote attackers to execute arbitrary code via a malformed stream to an ATL (1) component or (2) control, related to ATL headers and error handling, aka "ATL Uninitialized Object Vulnerability."
Source: NVD
References
- [NVD]https://nvd.nist.gov/vuln/detail/CVE-2009-0901
- [Other]http://blogs.technet.com/srd/archive/2009/08/11/ms09-037-why-we-are-using-cve-s-already-used-in-ms09-035.aspx
- [Other]http://marc.info/?l=bugtraq&m=126592505426855&w=2
- [Other]http://secunia.com/advisories/35967
- [Other]http://secunia.com/advisories/36187
- [Other]http://secunia.com/advisories/36374
- [Other]http://secunia.com/advisories/36746
- [Other]http://sunsolve.sun.com/search/document.do?assetkey=1-66-266108-1
- [Patch]http://www.adobe.com/support/security/advisories/apsa09-04.html
- [Other]http://www.adobe.com/support/security/bulletins/apsb09-10.html
- [Patch]http://www.adobe.com/support/security/bulletins/apsb09-11.html
- [Other]http://www.adobe.com/support/security/bulletins/apsb09-13.html
- [Other]http://www.novell.com/support/viewContent.do?externalId=7004997&sliceId=1
- [Patch]http://www.securityfocus.com/bid/35832
- [Other]http://www.us-cert.gov/cas/techalerts/TA09-195A.html
- [Other]http://www.us-cert.gov/cas/techalerts/TA09-223A.html
- [Other]http://www.us-cert.gov/cas/techalerts/TA09-286A.html
- [Other]http://www.vupen.com/english/advisories/2009/2034
- [Other]http://www.vupen.com/english/advisories/2009/2232
- [Other]https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-035
- [Other]https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-037
- [Other]https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-060
- [Other]https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6289
- [Other]https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6311
- [Other]https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6373
- [Other]https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7581
- [Other]http://blogs.technet.com/srd/archive/2009/08/11/ms09-037-why-we-are-using-cve-s-already-used-in-ms09-035.aspx
- [Other]http://marc.info/?l=bugtraq&m=126592505426855&w=2
- [Other]http://secunia.com/advisories/35967
- [Other]http://secunia.com/advisories/36187
- [Other]http://secunia.com/advisories/36374
- [Other]http://secunia.com/advisories/36746
- [Other]http://sunsolve.sun.com/search/document.do?assetkey=1-66-266108-1
- [Patch]http://www.adobe.com/support/security/advisories/apsa09-04.html
- [Other]http://www.adobe.com/support/security/bulletins/apsb09-10.html
- [Patch]http://www.adobe.com/support/security/bulletins/apsb09-11.html
- [Other]http://www.adobe.com/support/security/bulletins/apsb09-13.html
- [Other]http://www.novell.com/support/viewContent.do?externalId=7004997&sliceId=1
- [Patch]http://www.securityfocus.com/bid/35832
- [Other]http://www.us-cert.gov/cas/techalerts/TA09-195A.html
- [Other]http://www.us-cert.gov/cas/techalerts/TA09-223A.html
- [Other]http://www.us-cert.gov/cas/techalerts/TA09-286A.html
- [Other]http://www.vupen.com/english/advisories/2009/2034
- [Other]http://www.vupen.com/english/advisories/2009/2232
- [Other]https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-035
- [Other]https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-037
- [Other]https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-060
- [Other]https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6289
- [Other]https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6311
- [Other]https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6373
- [Other]https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7581
Related CVEs
Same vendor
- CVE-2026-50512 — Improper link resolution before file access ('link following') in Microsoft PC Manager allows an authorized attacker to elevate privilege... (7.8 HIGH)
- CVE-2026-50511 — Improper link resolution before file access ('link following') in Microsoft PC Manager allows an authorized attacker to elevate privilege... (7.8 HIGH)
- CVE-2026-50507 — Protection mechanism failure in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack (6.8 MEDIUM)
- CVE-2026-49161 — Improper access control in Microsoft PC Manager allows an authorized attacker to bypass a security feature locally (7.8 HIGH)
- CVE-2026-49160 — Uncontrolled resource consumption in HTTP/2 allows an unauthorized attacker to deny service over a network (7.5 HIGH)
Same CWE
- CVE-2026-24155 — NVIDIA NeMo Framework for all platforms contains a code injection vulnerability (7.8 HIGH)
- CVE-2026-49774 — Improper Control of Generation of Code ('Code Injection') vulnerability in Filipe Nasc RD Station allows Remote Code Inclusion (9.9 CRITICAL)
- CVE-2026-48017 — DbGate is cross-platform database manager (8.8 HIGH)
- CVE-2026-48836 — Unauthenticated Remote Code Execution (RCE) in Easy Invoice <= 2.1.19 versions (10.0 CRITICAL)
- CVE-2026-48124 — Cursor is a code editor built for programming with AI