Oval Definition:oval:org.cisecurity:def:1451
Revision Date:2016-12-23Version:6
Title:Microsoft Office Information Disclosure Vulnerability – CVE-2016-7233 (MS16-133)
Description:Microsoft Word 2007, Office 2010 SP2, Word 2010 SP2, Word for Mac 2011, Excel for Mac 2011, Word Viewer, Office Compatibility Pack SP3, Word Automation Services on SharePoint Server 2013 SP1, and Office Web Apps 2010 SP2 allow remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) via a crafted Office document, aka "Microsoft Office Information Disclosure Vulnerability."
Family:windowsClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2016-7233
Platform(s):Microsoft Windows 10
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows 8.1
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Microsoft Windows Server 2016
Microsoft Windows Vista
Product(s):Microsoft Office 2010
Microsoft Office Compatibility Pack
Microsoft Office Web Apps 2010
Microsoft Sharepoint Server 2013
Microsoft Word 2007
Microsoft Word 2010
Microsoft Word Viewer
Definition Synopsis
  • Microsoft Word 2007 + file version
  • Microsoft Word 2007 is installed
  • AND Check if the version of winword.exe is less than 12.0.6759.5000
  • OR Microsoft Word 2010 + file version
  • Microsoft Word 2010 SP2 is installed
  • AND Check if the version of winword.exe is less than 14.0.7176.5000
  • OR Microsoft Office 2010 + file version
  • Microsoft Office 2010 SP2
  • Microsoft Office 2010 SP2 x86 is installed
  • OR Microsoft Office 2010 SP2 x64 is installed
  • AND Check if the version of wwlibcxm.dll is less than 14.0.7176.5000
  • OR Microsoft Word Viewer + file version
  • Microsoft Word Viewer is installed
  • AND Check if the version of wordview.exe is less than 11.0.8437
  • OR Microsoft Office Compatibility Pack + file version
  • Microsoft Office Compatibility Pack SP3 is installed
  • AND Check if the version of wordcnv.dll is less than 12.0.6759.5000
  • OR Microsoft SharePoint Server 2013 + file version
  • Microsoft SharePoint Server 2013 SP1 is installed
  • AND Check if the version of wwintl.dll is less than 15.0.4875.1000
  • OR Microsoft Office Web Apps 2010 + file version
  • Microsoft Office Web Apps 2010 Service Pack 2 is installed
  • AND Check if the version of msoserver.dll is less than 14.0.7173.5000
    • BACK