Oval Definition:
oval:org.cisecurity:def:768
Revision Date
:
2016-07-01
Version
:
13
Title
:
Microsoft Office Memory Corruption Vulnerability - CVE-2016-0126 (MS16-054)
Description
:
Microsoft Office 2013 SP1, 2013 RT SP1, and 2016 allows remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."
Family
:
windows
Class
:
vulnerability
Status
:
ACCEPTED
Reference(s)
:
CVE-2016-0126
Platform(s)
:
Microsoft Windows 10
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows 8.1
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Product(s)
:
Microsoft Office 2013
Microsoft Office 2016
Definition Synopsis
MS Office 2013 + vulnerable version
MS Office 2013
Microsoft Office 2013 SP1 x86 is installed
OR
Microsoft Office 2013 SP1 x64 is installed
AND
Check if the version of mso.dll is less than 15.0.4823.1000
OR
MS Office 2016 + vulnerable version
Microsoft Office 2016 is installed
AND
Check if the version of mso40uires.dll is less than 16.0.4297.1000
BACK