Oval Definition:oval:org.cisecurity:def:828
Revision Date:2016-07-29Version:32
Title:Scripting Engine Memory Corruption Vulnerability - CVE-2016-3205 (MS16-063/MS16-069)
Description:The Microsoft (1) JScript 5.8 and (2) VBScript 5.7 and 5.8 engines, as used in Internet Explorer 9 through 11 and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3206 and CVE-2016-3207.
Family:windowsClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2016-3205
Platform(s):Microsoft Windows 10
Microsoft Windows 7
Microsoft Windows 8.1
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Microsoft Windows Vista
Product(s):JScript
Microsoft Internet Explorer 10
Microsoft Internet Explorer 11
Microsoft Internet Explorer 9
VBScript
Definition Synopsis
  • Check for vulnerable Windows OS + vulnerable file + vulnerable file version
  • Microsoft Windows Vista/Server 2008 is installed + file version
  • Microsoft Windows Vista/Server 2008 is installed + file version
  • Microsoft Windows Vista (32-bit) Service Pack 2 is installed
  • OR Microsoft Windows Vista x64 Edition Service Pack 2 is installed
  • OR Microsoft Windows Server 2008 (32-bit) Service Pack 2 is installed
  • OR Microsoft Windows Server 2008 x64 Edition Service Pack 2 is installed
  • OR Microsoft Windows Server 2008 Itanium-Based Edition Service Pack 2 is installed
  • AND VBScript 5.7 is installed
  • AND Check for VBScript version
  • Check if VBScript.dll version is less than 5.7.6002.19652
  • OR Check for Limited Distribution Release (LDR) file version
  • Check if the version of vbscript.dll is greater than or equal to 5.7.6002.23000
  • AND Check if VBScript.dll version is less than 5.7.6002.23967
  • OR Microsoft Server 2008 R2 is installed + file version
  • Microsoft Windows Server 2008 R2 x64 Service Pack 1 is installed
  • AND VBScript/JScript is installed
  • VBScript 5.8 is installed
  • OR JScript 5.8 is installed
  • AND Check for file version
  • Check if VBScript.dll version is less than 5.8.7601.23452
  • OR Check if JScript.dll version is less than 5.8.7601.23452
  • Check for installation of vulnerable IE + vulnerable Windows OS + vulnerable file + vulnerable file version
  • VBScript/JScript is installed
  • VBScript 5.8 is installed
  • OR JScript 5.8 is installed
  • AND IE is installed + Windows OS is installed + file version
  • IE9 is installed + Windows OS + file version
  • Microsoft Internet Explorer 9 is installed
  • AND Microsoft Windows Vista/Server 2008 is installed + file version
  • OR IE10 is installed + Windows OS + file version
  • Microsoft Internet Explorer 10 is installed
  • AND Microsoft Windows Server 2012 is installed + file version
  • Microsoft Windows Server 2012 (64-bit) is installed
  • OR IE11 is installed + Windows OS + file version
  • Microsoft Internet Explorer 11 is installed
  • AND Windows OS is installed + file version
    • BACK