search cancel

Vulnerabilities in Visual Studio Active Template Library

book

Article ID: 254205

calendar_today

Updated On:

Products

DX Unified Infrastructure Management (Nimsoft / UIM)

Issue/Introduction

Security team have flagged out that there are vulnerabilities in Visual Studio Active Template Library (ATL), included as part of Visual Studio or Visual C++ that could allow remote code execution. Is there any action to remediate this vulnerability?

CVE-2009-0901,CVE-2009-2493,CVE-2009-2495

Environment

Release : 20.3

Resolution

As 20.4 cu5 is using vs2017, upgrading to cu5 will address this vulnerability.