Oval Definition:	oval:org.cisecurity:def:1450
Revision Date: 2016-12-23 Version: 6 Title: Microsoft Office Memory Corruption Vulnerability – CVE-2016-7245 (MS16-133) Description: Microsoft Office 2007 SP3, Office 2010 SP2, Office 2013 SP1, Office 2013 RT SP1, and Office 2016 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability." Family: windows Class: vulnerability Status: ACCEPTED Reference(s): CVE-2016-7245 Platform(s): Microsoft Windows 10 Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Vista Product(s): Microsoft Office 2007 Microsoft Office 2010 Microsoft Office 2013 Microsoft Office 2016 Definition Synopsis Microsoft Office 2007 + file version Microsoft Office 2007 SP3 is installed AND Check if the version of vbe6.dll is less than 6.05.1057 OR Microsoft Office 2010 + file version Microsoft Office 2010 SP2 Microsoft Office 2010 SP2 x86 is installed OR Microsoft Office 2010 SP2 x64 is installed AND Check if the version of vbe7.dll is less than 7.00.1640 OR Microsoft Office 2013 + file version Microsoft Office 2013 SP1 Microsoft Office 2013 SP1 x86 is installed OR Microsoft Office 2013 SP1 x64 is installed AND Check if the version of vbe7.dll is less than 7.01.1056 OR Microsoft Office 2016 + file version Microsoft Office 2016 is installed AND Check if the version of vbe7.dll is less than 7.01.1056
BACK