Oval Definition:oval:org.cisecurity:def:420
Revision Date:2016-04-29Version:40
Title:Internet Explorer Memory Corruption Vulnerability - CVE-2016-0067 (MS16-009)
Description:Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2016-0060, CVE-2016-0061, CVE-2016-0063, and CVE-2016-0072.
Family:windowsClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2016-0067
Platform(s):Microsoft Windows 7
Microsoft Windows 8.1
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012 R2
Microsoft Windows Vista
Product(s):Internet Explorer 10
Internet Explorer 11
Internet Explorer 9
Definition Synopsis
  • Internet Explorer 9 is installed + vulnerable windows OS + vulnerable file version
  • Microsoft Internet Explorer 9 is installed
  • AND vulnerable windows OS + vulnerable file version
  • Vista/2008 + vulnerable file version
  • Vista/2008
  • Microsoft Windows Vista (32-bit) is installed
  • OR Microsoft Windows Vista x64 Edition is installed
  • OR Microsoft Windows Server 2008 (32-bit) is installed
  • OR Microsoft Windows Server 2008 (64-bit) is installed
  • AND Check for vulnerable file version
  • Check if the version of mshtml.dll is less than 9.0.8112.16748
  • OR Internet Explorer 10 is installed + vulnerable windows OS + vulnerable file version
  • Microsoft Internet Explorer 10 is installed
  • AND vulnerable windows OS + vulnerable file version
  • 2008 R2/Win7/2012 Server + vulnerable file version
  • 2008 R2/Win7/2012 Server
  • Microsoft Windows 7 is installed
  • OR Microsoft Windows Server 2008 R2 is installed
  • OR Microsoft Windows Server 2012 is installed
  • AND Check for vulnerable file version
  • Check if the version of mshtml.dll is less than 10.0.9200.17640
  • OR Internet Explorer 11 is installed + vulnerable windows OS + vulnerable file version
  • Microsoft Internet Explorer 11 is installed
  • AND vulnerable windows OS + vulnerable file version
  • R2/Win7/2012 Server + vulnerable file version
  • R2/Win7 x86 version
  • Microsoft Windows 7 is installed
  • OR Microsoft Windows Server 2008 R2 is installed
  • OR Microsoft Windows Server 2012 is installed
  • OR Microsoft Windows Server 2012 R2 is installed
  • OR Microsoft Windows 8.1 is installed
  • AND Check if the version of mshtml.dll is less than 11.0.9600.18205
    • BACK