Microsoft Active Template Library Header Data Remote Code Execution Vulnerability

The Microsoft Active Template Library (ATL) is prone to a remote code-execution vulnerability.

This issue affects a private version of the ATL used internally by Microsoft; components written by other vendors are likely unaffected.

Remote attackers can exploit this issue to execute arbitrary code with the privileges of the user running an application built against the affected library. Failed exploit attempts will result in a denial-of-service condition.

NOTE: This BID was previously titled "Microsoft Windows 'MPEG2TuneRequest' ActiveX Control Remote Code Execution Vulnerability". It has been updated to better reflect the issue.


Privacy Statement
Copyright 2010, SecurityFocus