Oval Definition:oval:org.mitre.oval:def:11929
Revision Date:2014-06-09Version:19
Title:Insecure Library Loading Vulnerability
Description:Untrusted search path vulnerability in Microsoft Office 2007 SP2 and 2010 allows local users to gain privileges via a Trojan horse DLL in the current working directory, aka "Insecure Library Loading Vulnerability." NOTE: this might overlap CVE-2010-3141 and CVE-2010-3142.
Family:windowsClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2010-3337
Platform(s):Microsoft Windows 2000
Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows XP
Product(s):Microsoft Office 2007
Microsoft Office 2010
Definition Synopsis
  • Microsoft Office 2007
  • Microsoft Office 2007 SP2 is installed
  • AND Mso.dll version is less than 12.0.6545.5004
  • OR Microsoft Office 2010
  • Microsoft Office 2010 is installed
  • AND Mso.dll is less than 14.0.5128.5000
    • BACK