OVAL Reference oval:org.cisecurity:def:1642

Oval Definition:

oval:org.cisecurity:def:1642

Revision Date:	2017-01-27	Version:	6
Title:	Microsoft Office Information Disclosure Vulnerability – CVE-2016-7290 (MS16-148)
Description:	Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Office Compatibility Pack SP3, Word for Mac 2011, Word Automation Services on SharePoint Server 2010 SP2, and Office Web Apps 2010 SP2 allow remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) via a crafted document, aka "Microsoft Office Information Disclosure Vulnerability," a different vulnerability than CVE-2016-7291.
Family:	windows	Class:	vulnerability
Status:	ACCEPTED	Reference(s):	CVE-2016-7290
Platform(s):	Microsoft Windows 10 Microsoft Windows 7 Microsoft Windows 8.1 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Vista	Product(s):	Microsoft Office 2010 Microsoft Office Compatibility Pack Microsoft Office Web Apps 2010 Microsoft SharePoint Server 2010 Microsoft Word 2007 Microsoft Word 2010
Definition Synopsis
Microsoft Word 2007 + file version Microsoft Word 2007 SP3 is installed AND Check if winword.exe version is less than 12.0.6762.5000 OR Microsoft Office 2010 + file version Microsoft Office 2010 SP2 is installed AND Check if wwlibcxm.dll version is less than 14.0.7177.5000 OR Microsoft Word 2010 + file version Microsoft Word 2010 SP2 is installed AND Check if winword.exe version is less than 14.0.7177.5000 OR Microsoft Office Compatibility Pack + file version Microsoft Office Compatibility Pack SP3 is installed AND Check if wordcnv.dll version is less than 12.0.6762.5000 OR Microsoft Sharepoint Server 2010 + file version Microsoft SharePoint Server 2010 Service Pack 2 is installed AND Check if sword.dll version is less than 14.0.7177.5000 OR Microsoft Office Web Apps 2010 + file version Microsoft Office Web Apps 2010 Service Pack 2 is installed AND Check if sword.dll version is less than 14.0.7177.5000

BACK