Oval Definition:	oval:org.cisecurity:def:774
Revision Date: 2016-07-15 Version: 8 Title: Windows DLL Loading Remote Code Execution Vulnerability - CVE-2016-0152 (MS16-058) Description: Internet Information Services (IIS) in Microsoft Windows Vista SP2 and Server 2008 SP2 mishandles library loading, which allows local users to gain privileges via a crafted application, aka "Windows DLL Loading Remote Code Execution Vulnerability." Family: windows Class: vulnerability Status: ACCEPTED Reference(s): CVE-2016-0152 Platform(s): Microsoft Windows Server 2008 Microsoft Windows Vista Product(s): Definition Synopsis Vista/2008 + vulnerable file version Vista/2008 Microsoft Windows Vista (32-bit) Service Pack 2 is installed OR Microsoft Windows Vista x64 Edition Service Pack 2 is installed OR Microsoft Windows Server 2008 (32-bit) Service Pack 2 is installed OR Microsoft Windows Server 2008 x64 Edition Service Pack 2 is installed OR Microsoft Windows Server 2008 Itanium-Based Edition Service Pack 2 is installed AND vulnerable version Check if the version of W3dt.dll is less than 7.0.6002.19634 OR LDR Check if the version of W3dt.dll is less than 7.0.6002.23948 AND Check if the version of W3dt.dll is greater than or equal to 7.0.6002.23000
BACK