Oval Definition:oval:org.cisecurity:def:782
Revision Date:2016-07-15Version:14
Title:Microsoft Office Memory Corruption Vulnerability – CVE-2016-0140 (MS16-054)
Description:Microsoft Office 2007 SP3, Office 2010 SP2, Word Automation Services on SharePoint Server 2010 SP2, and Office Web Apps 2010 SP2 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."
Family:windowsClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2016-0140
Platform(s):Microsoft Windows 10
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows 8.1
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Microsoft Windows Vista
Microsoft Windows XP
Product(s):Microsoft Office 2007
Microsoft Office 2010
Microsoft Office Web Apps 2010
Microsoft SharePoint Server 2010
Definition Synopsis
  • MS Office 2007 SP3 + vulnerable version
  • Microsoft Office 2007 SP3 is installed
  • AND vulnerable files
  • Check if the version of oartconv.dll is less than 12.0.6748.5000
  • OR Check if the version of oart.dll is less than 12.0.6748.5000
  • OR MS Office 2010 + vulnerable version
  • MS Office 2010 SP2
  • Microsoft Office 2010 SP2 x86 is installed
  • OR Microsoft Office 2010 SP2 x64 is installed
  • AND vulnerable files
  • Check if the version of oartconv.dll is less than 14.0.7169.5000
  • OR Check if the version of oart.dll is less than 14.0.7169.5000
  • vulnerable MS SharePoint Server 2010
  • Microsoft SharePoint Server 2010 Service Pack 2 is installed
  • AND Check if the version of oartserver.dll is less than 14.0.7169.5000
  • OR vulnerable MS Office Web Apps 2010 SP2 vulnerable version
  • Microsoft Office Web Apps 2010 Service Pack 2 is installed
  • AND Check if the version of ogl.dll is less than 14.0.7168.5000
    • BACK