Oval Definition:	oval:org.mitre.oval:def:22175
Revision Date: 2014-08-18 Version: 47 Title: Internet Explorer Memory Corruption Vulnerability (CVE-2014-0306) - MS14-012 Description: Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability." Family: windows Class: vulnerability Status: ACCEPTED Reference(s): CVE-2014-0306 Platform(s): Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Product(s): Microsoft Internet Explorer 8 Microsoft Internet Explorer 9 Definition Synopsis IE 8 and vulnerable file version Microsoft Internet Explorer 8 is installed AND Check for vulnerable OS and files XP / 2k3 and vulnerable file version XP / 2K3 Microsoft Windows XP (32-bit) is installed OR Microsoft Windows XP x64 is installed OR Microsoft Windows Server 2003 (32-bit) is installed OR Microsoft Windows Server 2003 (x64) is installed AND Check if the version of mshtml.dll is less than 8.0.6001.23569 OR Vista / 2k8 and vulnerable file version Vista / 2K8 Microsoft Windows Vista (32-bit) is installed OR Microsoft Windows Vista x64 Edition is installed OR Microsoft Windows Server 2008 (32-bit) is installed OR Microsoft Windows Server 2008 (64-bit) is installed AND Check for vulnerable version Check if the version of mshtml.dll is less than 8.0.6001.19507 OR Win 7 / 2k8 R2 and vulnerable file version Win 7 / R2 Microsoft Windows 7 (32-bit) is installed OR Microsoft Windows 7 x64 Edition is installed OR Microsoft Windows Server 2008 R2 x64 Edition is installed OR Microsoft Windows Server 2008 R2 Itanium-Based Edition is installed AND Check for vulnerable version Check if the version of mshtml.dll is less than 8.0.7601.18392 OR IE 9 and vulnerable file version Microsoft Internet Explorer 9 is installed AND Win 7 / R2 / Vista / 2K8 Microsoft Windows 7 (32-bit) is installed OR Microsoft Windows 7 x64 Edition is installed OR Microsoft Windows Server 2008 R2 x64 Edition is installed OR Microsoft Windows Vista (32-bit) is installed OR Microsoft Windows Vista x64 Edition is installed OR Microsoft Windows Server 2008 (32-bit) is installed OR Microsoft Windows Server 2008 (64-bit) is installed AND Check for vulnerable version Check if the version of mshtml.dll is less than 9.0.8112.16540 OR Check for LDR Check if the version of mshtml.dll is greater than or equal to 9.0.8112.20000 AND Check if the version of mshtml.dll is less than 9.0.8112.20651
BACK