The remote host is missing a list of kill bits for ActiveX controls that are known to contain vulnerabilities.

If these ActiveX controls are ever installed on the remote host, either now or in the future, they would expose it to various security issues.

The remote Windows host contains a version of the Microsoft Active Template Library (ATL), included as part of Visual Studio or Visual C++, that is affected by multiple vulnerabilities :

  - A remote code execution issue affects the Microsoft     Video ActiveX Control due to the a flaw in the function     'CComVariant::ReadFromStream' used in the ATL header,     which fails to properly restrict untrusted data read     from a stream. (CVE-2008-0015)

  - A remote code execution issue exists in the Microsoft     Active Template Library due to an error in the 'Load'     method of the 'IPersistStreamInit' interface, which     could allow calls to 'memcpy' with untrusted data.
    (CVE-2008-0020)

  - An issue in the ATL headers could allow an attacker to     force VariantClear to be called on a VARIANT that has     not been correctly initialized and, by supplying a     corrupt stream, to execute arbitrary code.
    (CVE-2009-0901)

  - Unsafe usage of 'OleLoadFromStream' could allow     instantiation of arbitrary objects which can bypass     related security policy, such as kill bits within     Internet Explorer. (CVE-2009-2493)

  - A bug in the ATL header could allow reading a variant     from a stream and leaving the variant type read with     an invalid variant, which could be leveraged by an     attacker to execute arbitrary code remotely.
    (CVE-2009-2494)

According to the version number obtained by NTLM the remote host has Windows Server 2008 installed. The host may be vulnerable to a number of vulnerabilities including remote unauthenticated code execution.

ID	Name	Product	Family	Published	Updated	Severity
39622	MS09-032: Cumulative Security Update of ActiveX Kill Bits (973346)	Nessus	Windows : Microsoft Bulletins	7/7/2009	4/11/2022	high
40556	MS09-037: Vulnerabilities in Microsoft Active Template Library (ATL) Could Allow Remote Code Execution (973908)	Nessus	Windows : Microsoft Bulletins	8/11/2009	8/5/2020	high
108811	Windows Server 2008 Critical RCE Vulnerabilities (uncredentialed) (PCI/DSS)	Nessus	Windows	4/3/2018	11/21/2024	critical

Detections

Analytics

Plugins Search

high

high

critical