Oval Definition:	oval:org.mitre.oval:def:24381
Revision Date: 2014-08-18 Version: 49 Title: Internet Explorer memory corruption vulnerability (CVE-2014-1753) - MS14-018 Description: Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability." Family: windows Class: vulnerability Status: ACCEPTED Reference(s): CVE-2014-1753 Platform(s): Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Product(s): Microsoft Internet Explorer 6 Microsoft Internet Explorer 7 Microsoft Internet Explorer 8 Microsoft Internet Explorer 9 Definition Synopsis IE 7 and vulnerable file version Microsoft Internet Explorer 7 is installed AND XP, 2k3, Vista or 2k8 2k8 or Vista and vulnerable file version either OS Microsoft Windows Vista (32-bit) is installed OR Microsoft Windows Vista x64 Edition is installed OR Microsoft Windows Server 2008 (32-bit) is installed OR Microsoft Windows Server 2008 (64-bit) is installed OR Microsoft Windows Server 2008 (ia-64) is installed AND GDR / LDR Check if the version of mshtml.dll is less than 7.0.6002.19044 OR XP / 2k3 and vulnerable file version Either OS Microsoft Windows XP x64 is installed OR Microsoft Windows Server 2003 (32-bit) is installed OR Microsoft Windows Server 2003 (x64) is installed OR Microsoft Windows Server 2003 (ia64) Gold is installed AND Check if the version of mshtml.dll is less than 7.0.6000.21376 OR IE 6 and vulnerable file version Microsoft Internet Explorer 6 is installed AND XP / 2k3 and vulnerable file version Win Xp (x86) and vulnerable file version Microsoft Windows XP (32-bit) is installed AND Check if the version of mshtml.dll is less than 6.0.2900.6525 OR Win XP (x64) or Win 2k3 and vulnerable file version Either OS Microsoft Windows XP x64 is installed OR Microsoft Windows Server 2003 (32-bit) is installed OR Microsoft Windows Server 2003 (x64) is installed OR Microsoft Windows Server 2003 (ia64) Gold is installed AND Check if the version of mshtml.dll is less than 6.0.3790.5303 OR IE 9 and vulnerable file version either OS Microsoft Windows 7 (32-bit) is installed OR Microsoft Windows 7 x64 Edition is installed OR Microsoft Windows Server 2008 R2 x64 Edition is installed OR Microsoft Windows Vista (32-bit) is installed OR Microsoft Windows Vista x64 Edition is installed OR Microsoft Windows Server 2008 (32-bit) is installed OR Microsoft Windows Server 2008 (64-bit) is installed AND GDR / LDR Check if the version of mshtml.dll is less than 9.0.8112.16545 OR LDR range Check if the version of mshtml.dll is less than 9.0.8112.20656 AND Check if the version of mshtml.dll is greater than or equal to 9.0.8112.20000 AND Microsoft Internet Explorer 9 is installed OR IE 8 and vulnerable file version Microsoft Internet Explorer 8 is installed AND XP / 2k3 / Vista / 2k8 / Win 7 / R2 and vulnerable file versions XP / 2K3 and vulnerable file version XP / 2K3 Microsoft Windows XP (32-bit) is installed OR Microsoft Windows XP x64 is installed OR Microsoft Windows Server 2003 (32-bit) is installed OR Microsoft Windows Server 2003 (x64) is installed AND Check if the version of mshtml.dll is less than 8.0.6001.23580 OR Vista / 2k8 and vulnerable file version Vista / 2K8 Microsoft Windows Vista (32-bit) is installed OR Microsoft Windows Vista x64 Edition is installed OR Microsoft Windows Server 2008 (32-bit) is installed OR Microsoft Windows Server 2008 (64-bit) is installed AND Check for vulnerable version Check if the version of mshtml.dll is less than 8.0.6001.19518 OR Win 7 / R2 and vulnerable file version Win 7 / R2 Microsoft Windows 7 (32-bit) is installed OR Microsoft Windows 7 x64 Edition is installed OR Microsoft Windows Server 2008 R2 x64 Edition is installed OR Microsoft Windows Server 2008 R2 Itanium-Based Edition is installed AND Check for vulnerable version Check if the version of mshtml.dll is less than 8.0.7601.18404
BACK