Oval Definition:	oval:org.mitre.oval:def:16069
Revision Date: 2014-08-18 Version: 46 Title: Internet Explorer LsGetTrailInfo use after free vulnerability - MS13-009 Description: Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer LsGetTrailInfo Use After Free Vulnerability." Family: windows Class: vulnerability Status: ACCEPTED Reference(s): CVE-2013-0022 Platform(s): Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 Microsoft Windows Vista Product(s): Microsoft Internet Explorer 10 Microsoft Internet Explorer 9 Definition Synopsis IE 9 and vulnerable OS versions Microsoft Internet Explorer 9 is installed AND Vista/2K8/Win7/R2 Microsoft Windows 7 is installed OR Microsoft Windows 7 (32-bit) is installed OR Microsoft Windows 7 x64 Edition is installed OR Microsoft Windows Server 2008 R2 x64 Edition is installed OR Microsoft Windows Vista (32-bit) is installed OR Microsoft Windows Vista x64 Edition is installed OR Microsoft Windows Server 2008 (32-bit) is installed OR Microsoft Windows Server 2008 (64-bit) is installed AND Check for vulnerable version Check if the version of mshtml.dll is less than 9.0.8112.16464 OR Check for LDR range Mshtml.dll version is greater than or equal to 9.0.8112.20000 AND Check if the version of mshtml.dll is less than 9.0.8112.20573 OR IE 10 and vulnerable OS versions Microsoft Internet Explorer 10 is installed AND Win 8 / 2012 Microsoft Windows 8 is installed OR Microsoft Windows Server 2012 is installed AND Check for vulnerable version Check if the version of mshtml.dll is less than 10.0.9200.16494 OR Check for LDR range Check if the version of mshtml.dll is greater than or equal to 10.0.9200.20000 AND Check if the version of mshtml.dll is less than 10.0.9200.20599
BACK