Microsoft Active Template Library Object Type Mismatch Remote Code Execution Vulnerability

The Microsoft Active Template Library is prone to a remote code-execution vulnerability.

NOTE: This issue affects a private version of the ATL used internally by Microsoft; components written by other vendors are likely unaffected.

Remote attackers can exploit this issue to execute arbitrary code with the privileges of the user running an application built against the affected library. Failed exploit attempts will result in a denial-of-service condition.


Privacy Statement
Copyright 2010, SecurityFocus