Oval Definition:	oval:org.cisecurity:def:1689
Revision Date: 2017-02-03 Version: 6 Title: Microsoft Office Information Disclosure Vulnerability – CVE-2016-7264 (MS16-148) Description: Microsoft Excel 2007 SP3, Office Compatibility Pack SP3, Excel Viewer, Excel for Mac 2011, and Excel 2016 for Mac allow remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) via a crafted document, aka "Microsoft Office Information Disclosure Vulnerability." Family: windows Class: vulnerability Status: ACCEPTED Reference(s): CVE-2016-7264 Platform(s): Microsoft Windows 10 Microsoft Windows 7 Microsoft Windows 8.1 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Vista Product(s): Microsoft Excel 2007 Microsoft Excel Viewer Microsoft Office Compatibility Pack Definition Synopsis Microsoft Excel 2007 + file version Microsoft Excel 2007 SP3 is installed AND Check if excel.exe version is less than 12.0.6762.5000 OR Microsoft Office Compatibility Pack + file version Microsoft Office Compatibility Pack SP3 is installed AND Check if excelcnv.exe version is less than 12.0.6762.5000 OR Microsoft Excel Viewer + file version Microsoft Excel Viewer 2007 is installed AND Check if xlview.exe version is less than 12.0.6762.5000
BACK