Oval Definition:oval:org.cisecurity:def:448
Revision Date:2016-05-14Version:40
Title:Internet Explorer Elevation of Privilege Vulnerability - CVE-2016-0005 (MS16-001)
Description:Microsoft Internet Explorer 9 through 11 allows remote attackers to bypass the Same Origin Policy via unspecified vectors, aka "Internet Explorer Elevation of Privilege Vulnerability."
Family:windowsClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2016-0005
Platform(s):Microsoft Windows 10
Microsoft Windows 10 version 1511
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows 8.1
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012 R2
Microsoft Windows Vista
Product(s):Internet Explorer 10
Internet Explorer 11
Internet Explorer 9
Definition Synopsis
  • Internet Explorer 9 + vulnerable Windows OS + vulnerable file version
  • Microsoft Internet Explorer 9 is installed
  • AND vulnerable windows OS + vulnerable file version
  • Vista/2k8/R2/Win7 + vulnerable file version
  • Vista/2k8/R2/Win7
  • Microsoft Windows Vista (32-bit) is installed
  • OR Microsoft Windows Vista x64 Edition is installed
  • OR Microsoft Windows Server 2008 (32-bit) is installed
  • OR Microsoft Windows Server 2008 (64-bit) is installed
  • OR Microsoft Windows 7 (32-bit) is installed
  • OR Microsoft Windows 7 x64 Edition is installed
  • OR Microsoft Windows Server 2008 R2 x64 Edition is installed
  • OR Microsoft Windows Server 2008 R2 Itanium-Based Edition is installed
  • AND Check for vulnerable file version
  • Check if the version of mshtml.dll is less than 9.0.8112.16737
  • OR Internet Explorer 10 + vulnerable windows OS + vulnerable file version
  • Microsoft Internet Explorer 10 is installed
  • AND vulnerable windows OS + vulnerable file version
  • Win7 x86 version + vulnerable file version
  • Win7 x86 version
  • Microsoft Windows 7 (32-bit) is installed
  • AND Check for vulnerable file version
  • Check if the version of mshtml.dll is less than 10.0.9200.17609
  • OR R2/Win7 x64/2012/Win8 version + vulnerable file version
  • R2/Win7 x64/ version
  • Microsoft Windows 7 x64 Edition is installed
  • OR Microsoft Windows Server 2008 R2 x64 Edition is installed
  • OR Microsoft Windows 8 is installed
  • OR Microsoft Windows Server 2012 is installed
  • AND Check for vulnerable file version
  • Check if the version of mshtml.dll is less than 10.0.9200.17606
  • OR Internet Explorer 11 + vulnerable windows OS + vulnerable file version
  • Microsoft Internet Explorer 11 is installed
  • AND vulnerable windows OS + vulnerable file version
  • R2/Win7 version + vulnerable file version
  • R2/Win7 version
  • Microsoft Windows 7 (32-bit) is installed
  • OR Microsoft Windows 7 x64 Edition is installed
  • OR Microsoft Windows Server 2008 R2 x64 Edition is installed
  • AND Check if the version of mshtml.dll is less than 11.0.9600.18163
  • OR Win8.1/2012 R2 version + vulnerable file version
  • Win8.1/2012 R2 version
  • Microsoft Windows 8.1 is installed
  • OR Microsoft Windows Server 2012 is installed
  • AND Check if the version of mshtml.dll is less than 11.0.9600.18161
  • OR Win 10 + vulnerable file version
  • Microsoft Windows 10 is installed
  • AND Check if the version of mshtml.dll is less than 11.0.10240.16603
  • OR Win 10 version 1511 + vulnerable file version
  • Win 10 version 1511
  • Microsoft Windows 10 Version 1511 (32-bit) is installed
  • OR Microsoft Windows 10 Version 1511 (64-bit) is installed
  • AND Check if the version of mshtml.dll is less than 11.0.10586.20
    • BACK