Oval Definition:oval:org.mitre.oval:def:24455
Revision Date:2014-09-01
Version:69
Title:Remote code execution in Microsoft Office products (CVE-2014-1818) - MS14-036
Description:GDI+ in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, Office 2007 SP3 and 2010 SP1 and SP2, Live Meeting 2007 Console, Lync 2010 and 2013, Lync 2010 Attendee, and Lync Basic 2013 allows remote attackers to execute arbitrary code via a crafted EMF+ record in an image file, aka "GDI+ Image Parsing Vulnerability."
Family:windows
Class:vulnerability
Status:ACCEPTED
Reference(s):CVE-2014-1818
Platform(s):Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows 8.1
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Microsoft Windows Vista
Microsoft Windows XP
Product(s):Microsoft Live Meeting Console 2007
Microsoft Lync 2010
Microsoft Lync 2010 Attendee
Microsoft Lync Basic 2013
Microsoft Office 2007
Microsoft Office 2010
Definition Synopsis
  • server 2003/version
  • x86/x64/ia-64
  • Microsoft Windows Server 2003 for Itanium is installed
  • OR Microsoft Windows Server 2003 (32-bit) is installed
  • OR Microsoft Windows Server 2003 (x64) is installed
  • AND either file versions
  • Check if the version of usp10.dll is less than 1.422.3790.5340
  • OR Check if the version of gdiplus.dll is less than 5.2.6002.23386
  • OR vista/2008/versions
  • vista/2008
  • Microsoft Windows Vista (32-bit) is installed
  • OR Microsoft Windows Server 2008 (ia-64) is installed
  • OR Microsoft Windows Vista x64 Edition is installed
  • OR Microsoft Windows Server 2008 (32-bit) is installed
  • OR Microsoft Windows Server 2008 (64-bit) is installed
  • AND either file versions
  • ldr range
  • Check if the version of gdiplus.dll is less than 5.2.6002.23386
  • AND Check if the version of gdiplus.dll is greater than or equal to 5.2.6002.23000
  • OR Check if the version of gdiplus.dll is less than 5.2.6002.19096
  • OR Check if the version of usp10.dll is less than 1.626.6002.19096
  • OR ldr range
  • Check if the version of usp10.dll is less than 1.626.6002.23386
  • AND Check if the version of Usp10.dll is greater than or equal to 1.626.6002.23000
  • OR win 7/2008 r2/versions
  • win 7/2008 r2
  • Microsoft Windows 7 (32-bit) is installed
  • OR Microsoft Windows 7 x64 Edition is installed
  • OR Microsoft Windows Server 2008 R2 x64 Edition is installed
  • OR Microsoft Windows Server 2008 R2 Itanium-Based Edition is installed
  • AND either file versions
  • Check if the version of usp10.dll is less than 1.626.7601.18454
  • OR Check if the version of gdiplus.dll is less than 6.1.7601.18455
  • OR ldr range
  • Check if the version of usp10.dll is less than 1.626.7601.22666
  • AND Check if the version of usp10.dll is greater than or equal to 1.626.7601.22000
  • OR ldr range
  • Check if the version of gdiplus.dll is less than 6.1.7601.22667
  • AND Check if the version of Gdiplus.dll is greater than or equal to 6.1.7601.22000
  • OR win 8/2012/versions
  • win 8/2012
  • Microsoft Windows 8 (x86) is installed
  • OR Microsoft Windows 8 (x64) is installed
  • OR Microsoft Windows Server 2012 is installed
  • AND gdr/ldr
  • Check if the version of gdi32.dll is less than 6.2.9200.16909
  • OR ldr range
  • Check if the version of gdi32.dll is less than 6.2.9200.21032
  • AND Check if the version of gdi32.dll is greater than or equal to 6.2.9200.21000
  • OR win 8.1/2012 r2/versions
  • win 8.1/2012 r2
  • Microsoft Windows 8.1 (x86) is installed
  • OR Microsoft Windows 8.1 (x64) is installed
  • OR Microsoft Windows Server 2012 R2 is installed
  • AND either file versions
  • Check if the version of gdi32.dll is less than 6.3.9600.17111
  • OR Check if the version of dwrite.dll is less than 6.3.9600.17111
  • OR office 2007/version
  • Microsoft Office 2007 SP3 is installed
  • AND either versions
  • Check if the version of Ogl.dll is less than 12.0.6700.5000
  • OR Check if the version of usp10.dll is less than 1.626.6002.23386
  • OR office 2010/version
  • either file versions
  • Check if the version of Ogl.dll is less than 14.0.7125.5000
  • OR server 2003/file
  • Check if the version of usp10.dll is less than 1.626.7601.22666
  • AND Microsoft Windows Server 2003 for Itanium is installed
  • AND Microsoft Windows Server 2003 (32-bit) is installed
  • AND Microsoft Windows Server 2003 (x64) is installed
  • AND 2010 sp1/sp2
  • Microsoft Office 2010 SP1 is installed
  • OR Microsoft Office 2010 SP2 is installed
  • OR lync 2010/version
  • Microsoft Lync 2010 is installed
  • AND Check if the version of Ogl.dll (Lync 2010) is less than 4.0.7577.4446
  • OR lync 2010 attendee (user)/version
  • Microsoft Lync 2010 Attendee (user level install) is installed
  • AND Check if the version of Ogl.dll (user level) is less than 4.0.7577.4446
  • OR lync 2010 attendee (admin)/version
  • Microsoft Lync 2010 Attendee (admin level install) is installed
  • AND Check if the version of Ogl.dll (admin level) is less than 4.0.7577.4446
  • OR lync basic 2013/version
  • basic 2013/sp1
  • Microsoft Lync Basic 2013 is installed
  • OR Microsoft Lync Basic 2013 SP1 is installed
  • AND Check if the version of Autohelper.dll is less than 15.0.4569.1000
  • OR live meeting 2007/version
  • Microsoft Live Meeting 2007 Console is installed
  • AND Check if the version of Collaborate.dll is less than 8.0.6362.264