Oval Definition:oval:org.mitre.oval:def:1978
Revision Date:2014-02-24Version:48
Title:Uninitialized Memory Corruption Vulnerability
Description:Microsoft Internet Explorer 5.01, 6, and 7 allows remote attackers to execute arbitrary code by causing Internet Explorer to access an uninitialized or deleted object, related to prototype variables and table cells, aka "Uninitialized Memory Corruption Vulnerability."
Family:windowsClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2007-1751
Platform(s):Microsoft Windows 2000
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows XP
Product(s):Microsoft Internet Explorer
Definition Synopsis
  • IE 5.01,SP4 on Win2k,SP4
  • Microsoft Windows 2000 SP4 or later is installed
  • AND Microsoft Internet Explorer 5.01 SP4 is installed
  • AND the version of Mshtml.dll is less than 5.0.3853.3000
  • OR IE 6 on Win 2k, SP4
  • Microsoft Windows 2000 SP4 or later is installed
  • AND Internet Explorer 6 Service Pack 1 is installed
  • AND the version of Mshtml.dll is less than 6.0.2800.1595
  • OR IE 6 on Win XP SP2
  • Microsoft Windows XP SP2 or later is installed
  • AND Microsoft Internet Explorer 6 is installed
  • AND the version of Mshtml.dll is less than 6.0.2900.3132
  • OR IE 6 on Win 2k3 SP1
  • Microsoft Windows Server 2003 SP1 (x86) is installed
  • AND Microsoft Internet Explorer 6 is installed
  • AND the version of Mshtml.dll is less than 6.0.3790.2920
  • OR IE 6 on Win 2k3 SP2
  • Microsoft Windows Server 2003 SP2 (x86) is installed
  • AND Microsoft Internet Explorer 6 is installed
  • AND the version of Mshtml.dll is less than 6.0.3790.4064
  • OR IE 7 on Win XP SP2
  • Microsoft Windows XP SP2 or later is installed
  • AND Microsoft Internet Explorer 7 is installed
  • AND the version of Mshtml.dll is less than 7.0.6000.16481
  • OR IE 7 on Win 2k3 SP1 or SP2
  • Win 2k3 SP1 or SP2
  • Microsoft Windows Server 2003 SP1 (x86) is installed
  • OR Microsoft Windows Server 2003 SP2 (x86) is installed
  • AND Microsoft Internet Explorer 7 is installed
  • AND the version of Mshtml.dll is less than 7.0.6000.16481
  • OR IE 7 on Win Vista
  • Microsoft Windows Vista is installed
  • AND Microsoft Internet Explorer 7 is installed
  • AND the version of Mshtml.dll is less than 7.0.6000.16481
  • OR IE 6 on Win XP SP2 (64-bit)
  • Microsoft Internet Explorer 6 is installed
  • AND the version of Mshtml.dll is less than 6.0.3790.4064
  • AND Microsoft Windows XP x64 Edition SP2 is installed
  • OR IE 6 on Win XP SP1 (64-bit)
  • Microsoft Windows XP SP1 (64-bit) is installed
  • AND Microsoft Internet Explorer 6 is installed
  • AND the version of Mshtml.dll is less than 6.0.3790.2920
  • OR IE 7 on Win XP SP2 (64-bit)
  • Microsoft Internet Explorer 7 is installed
  • AND the version of Mshtml.dll is less than 7.0.6000.16481
  • AND Microsoft Windows XP x64 Edition SP2 is installed
    • BACK