Oval Definition:oval:org.cisecurity:def:418
Revision Date:2016-04-29Version:39
Title:Microsoft Browser Spoofing Vulnerability - CVE-2016-0077 (MS16-009)
Description:Microsoft Internet Explorer 9 through 11 and Microsoft Edge misparse HTTP responses, which allows remote attackers to spoof web sites via a crafted URL, aka "Microsoft Browser Spoofing Vulnerability."
Family:windowsClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2016-0077
Platform(s):Microsoft Windows 7
Microsoft Windows 8.1
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012 R2
Microsoft Windows Vista
Product(s):Internet Explorer 10
Internet Explorer 11
Internet Explorer 9
Definition Synopsis
  • Internet Explorer 9 is installed + vulnerable windows OS + vulnerable file version
  • Microsoft Internet Explorer 9 is installed
  • AND vulnerable windows OS + vulnerable file version
  • Vista/2008 + vulnerable file version
  • Vista/2008
  • Microsoft Windows Vista (32-bit) is installed
  • OR Microsoft Windows Vista x64 Edition is installed
  • OR Microsoft Windows Server 2008 (32-bit) is installed
  • OR Microsoft Windows Server 2008 (64-bit) is installed
  • AND Check for vulnerable file version
  • Check if the version of mshtml.dll is less than 9.0.8112.16748
  • OR Internet Explorer 10 is installed + vulnerable windows OS + vulnerable file version
  • Microsoft Internet Explorer 10 is installed
  • AND vulnerable windows OS + vulnerable file version
  • 2008 R2/Win7/2012 Server + vulnerable file version
  • 2008 R2/Win7/2012 Server
  • Microsoft Windows 7 is installed
  • OR Microsoft Windows Server 2008 R2 is installed
  • OR Microsoft Windows Server 2012 is installed
  • AND Check for vulnerable file version
  • Check if the version of mshtml.dll is less than 10.0.9200.17640
  • OR Internet Explorer 11 is installed + vulnerable windows OS + vulnerable file version
  • Microsoft Internet Explorer 11 is installed
  • AND vulnerable windows OS + vulnerable file version
  • R2/Win7/2012 Server + vulnerable file version
  • R2/Win7 x86 version
  • Microsoft Windows 7 is installed
  • OR Microsoft Windows Server 2008 R2 is installed
  • OR Microsoft Windows Server 2012 is installed
  • OR Microsoft Windows Server 2012 R2 is installed
  • OR Microsoft Windows 8.1 is installed
  • AND Check if the version of mshtml.dll is less than 11.0.9600.18205
    • BACK