Oval Definition:	oval:org.mitre.oval:def:18132
Revision Date: 2013-09-30 Version: 44 Title: ASLR Security Feature Bypass Vulnerability - MS13-063 Description: Unspecified vulnerability in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 through SP1 allows attackers to bypass the ASLR protection mechanism via unknown vectors, as demonstrated against Adobe Flash Player by VUPEN during a Pwn2Own competition at CanSecWest 2013, aka "ASLR Security Feature Bypass Vulnerability." Family: windows Class: vulnerability Status: ACCEPTED Reference(s): CVE-2013-2556 Platform(s): Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Product(s): Definition Synopsis Vista/2008 and vulnerable file version Vista/2008 Microsoft Windows Vista x64 Edition Service Pack 2 is installed OR Microsoft Windows Vista (32-bit) Service Pack 2 is installed OR Microsoft Windows Server 2008 (32-bit) Service Pack 2 is installed OR Microsoft Windows Server 2008 Itanium-Based Edition Service Pack 2 is installed OR Microsoft Windows Server 2008 x64 Edition Service Pack 2 is installed AND Check for vulnerable version Check if the version of Ntoskrnl.exe is less than 6.0.6002.18881 OR Check for LDR range Check if the version of Ntoskrnl.exe is less than 6.0.6002.23154 AND Check if the version of Ntoskrnl.exe is greater than or equal to 6.0.6002.23000 OR 7/ R2 and vulnerable file version 7/R2 Microsoft Windows 7 (32-bit) Service Pack 1 is installed OR Microsoft Windows 7 x64 Service Pack 1 is installed OR Microsoft Windows Server 2008 R2 x64 Service Pack 1 is installed OR Microsoft Windows Server 2008 R2 Itanium-Based Edition Service Pack 1 is installed AND Check for vulnerable version Check if the version of Ntoskrnl.exe is less than 6.1.7601.18205 OR Check for LDR range Check if the version of Ntoskrnl.exe is greater than or equal to 6.1.7601.22000 AND Check if the version of Ntoskrnl.exe is less than 6.1.7601.22379
BACK