Intrusion Prevention

MS.ATL.Uninitialized.Object.Code.Execution

Description

This indicates an attack attempt against an ActiveX control that built upon on vulnerable Microsoft ATL.
The vulnerable version of this ATL is shipped as official ATL release by Visual Studio prior to VS2008 SP1.

Affected Products

Microsoft Visual Studio .NET 2003 Service Pack 1
Microsoft Visual Studio 2005 Service Pack 1
Microsoft Visual Studio 2005 Service Pack 1 64-bit Hosted Visual C++ Tools
Microsoft Visual Studio 2008
Microsoft Visual Studio 2008 Service Pack 1
Microsoft Visual C++ 2005 Service Pack 1 Redistributable Package
Microsoft Visual C++ 2008 Redistributable Package
Microsoft Visual C++ 2008 Service Pack 1 Redistributable Package

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

CVE References

CVE-2009-0901