Oval Definition:	oval:org.mitre.oval:def:24805
Revision Date: 2014-08-25 Version: 47 Title: Internet Explorer Memory Corruption Vulnerability - CVE-2014-2785 (MS14-037) Description: Microsoft Internet Explorer 7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability." Family: windows Class: vulnerability Status: ACCEPTED Reference(s): CVE-2014-2785 Platform(s): Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Vista Product(s): Microsoft Internet Explorer 7 Definition Synopsis Microsoft Internet Explorer 7 is installed AND vulnerable os and their respective file versions 2k3(x86 + x64+ ia64) + vulnerable file versions 2k3(x86 + x64 + ia64) Microsoft Windows Server 2003 (32-bit) is installed OR Microsoft Windows Server 2003 (x64) is installed OR Microsoft Windows Server 2003 for Itanium is installed AND Check if the version of mshtml.dll is less than 7.0.6000.21395 OR Vista / 2k8 and vulnerable file version Vista/2k8 Microsoft Windows Vista (32-bit) is installed OR Microsoft Windows Vista x64 Edition is installed OR Microsoft Windows Server 2008 (32-bit) is installed OR Microsoft Windows Server 2008 (64-bit) is installed OR Microsoft Windows Server 2008 (ia-64) is installed AND Check for vulnerable versions Check if the version of mshtml.dll is less than 7.0.6002.19114 OR Check for LDR Check if the version of mshtml.dll is greater than or equal to 7.0.6002.23000 AND Check if the version of mshtml.dll is less than 7.0.6002.23413
BACK