Oval Definition:oval:org.cisecurity:def:499
Revision Date:2016-06-13Version:11
Title:.NET Framework Remote Code Execution Vulnerability - CVE-2016-0148 (MS16-041)
Description:Microsoft .NET Framework 4.6 and 4.6.1 mishandles library loading, which allows local users to gain privileges via a crafted application, aka ".NET Framework Remote Code Execution Vulnerability."
Family:windowsClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2016-0148
Platform(s):Microsoft Windows 7
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Vista
Product(s):Microsoft .NET Framework 4.6
Microsoft .NET Framework 4.6.1
Definition Synopsis
  • .NET Framework (4.6) + Vista/2008 + vulnerable file version
  • Microsoft .NET Framework 4.6 is installed
  • AND Vista/2008
  • Microsoft Windows Vista (32-bit) Service Pack 2 is installed
  • OR Microsoft Windows Vista x64 Edition Service Pack 2 is installed
  • OR Microsoft Windows Server 2008 (32-bit) Service Pack 2 is installed
  • OR Microsoft Windows Server 2008 x64 Edition Service Pack 2 is installed
  • AND Check if the version of mscorlib.dll is less than 4.6.1076.0
  • AND .NET Framework (4.6/.1) + Win7/R2 + vulnerable file version
  • .NET Framework (4.6/.1)
  • Microsoft .NET Framework 4.6 is installed
  • OR Microsoft .NET Framework 4.6.1 is installed
  • AND Win7/R2
  • Microsoft Windows 7 (32-bit) Service Pack 1 is installed
  • OR Microsoft Windows 7 x64 Service Pack 1 is installed
  • OR Microsoft Windows Server 2008 R2 x64 Service Pack 1 is installed
  • AND Check if the version of mscorlib.dll is less than 4.6.1076.0
    • BACK