Oval Definition:oval:org.cisecurity:def:507
Revision Date:2016-06-13Version:34
Title:Scripting Engine Memory Corruption Vulnerability - CVE-2016-0187 (MS16-053)
Description: The Microsoft (1) JScript 5.8 and (2) VBScript 5.8 engines, as used in Internet Explorer 9 through 11 and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-0189.
Family:windowsClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2016-0187
Platform(s):Microsoft Windows 10
Microsoft Windows 7
Microsoft Windows 8.1
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Microsoft Windows Vista
Product(s):JScript
Microsoft Internet Explorer 10
Microsoft Internet Explorer 11
Microsoft Internet Explorer 9
VBScript
Definition Synopsis
  • Check for vulnerable Windows OS + vulnerable file + vulnerable file version
  • Microsoft Server 2008 R2 is installed + file version
  • Microsoft Windows Server 2008 R2 x64 Service Pack 1 is installed
  • OR VBScript/JScript is installed
  • VBScript 5.8 is installed
  • OR JScript 5.8 is installed
  • OR Check for file version
  • Check if VBScript.dll version is less than 5.8.7601.23435
  • OR Check if JScript.dll version is less than 5.8.7601.23435
  • Check for installation of vulnerable IE + vulnerable Windows OS + vulnerable file + vulnerable file version
  • VBScript/JScript is installed
  • VBScript 5.8 is installed
  • OR JScript 5.8 is installed
  • AND IE is installed + Windows OS is installed + file version
  • IE9 is installed + Windows OS + file version
  • Microsoft Internet Explorer 9 is installed
  • AND Microsoft Windows Vista/Server 2008 is installed + file version
  • OR IE10 is installed + Windows OS + file version
  • Microsoft Internet Explorer 10 is installed
  • AND Microsoft Windows Server 2012 is installed + file version
  • Microsoft Windows Server 2012 (64-bit) is installed
  • OR IE11 is installed + Windows OS + file version
  • Microsoft Internet Explorer 11 is installed
  • AND Windows OS is installed + file version
    • BACK