Oval Definition:	oval:org.mitre.oval:def:16066
Revision Date: 2014-08-18 Version: 48 Title: CMarkup Use After Free Vulnerability - MS12-077 Description: Use-after-free vulnerability in Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "CMarkup Use After Free Vulnerability." Family: windows Class: vulnerability Status: ACCEPTED Reference(s): CVE-2012-4782 Platform(s): Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 Microsoft Windows Vista Product(s): Microsoft Internet Explorer 10 Microsoft Internet Explorer 9 Definition Synopsis IE9 + vulnerable (OS + file versions) Microsoft Internet Explorer 9 is installed AND Vista/2k8/Win7/R2 Microsoft Windows 7 is installed OR Microsoft Windows Server 2008 R2 x64 Edition is installed OR Microsoft Windows Vista (32-bit) is installed OR Microsoft Windows Vista x64 Edition is installed OR Microsoft Windows Server 2008 (32-bit) is installed OR Microsoft Windows Server 2008 (64-bit) is installed OR Microsoft Windows Server 2008 (ia-64) is installed OR Microsoft Windows 7 (32-bit) is installed OR Microsoft Windows 7 x64 Edition is installed OR Microsoft Windows Server 2008 R2 Itanium-Based Edition is installed AND Check for LDR/GDR Check if the version of mshtml.dll is less than 9.0.8112.16457 OR Check for LDR Mshtml.dll version is greater than or equal to 9.0.8112.20000 AND Check if the version of mshtml.dll is less than 9.0.8112.20565 OR Win 8 / 2012 and IE10 vulnerable version Win 8 / 2012 Microsoft Windows 8 is installed OR Microsoft Windows Server 2012 is installed AND Check for vulnerable versions Check if the version of mshtml.dll is less than 10.0.9200.16458 OR Check for LDR Check if the version of mshtml.dll is greater than or equal to 10.0.9200.20000 AND Check if the version of mshtml.dll is less than 10.0.9200.20562
BACK