Oval Definition:	oval:org.mitre.oval:def:26234
Revision Date: 2014-09-22 Version: 46 Title: Internet Explorer memory corruption vulnerability (CVE-2014-0325) - MS14-018 Description: Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site that triggers improper processing of CElement objects, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-1751 and CVE-2014-1755. NOTE: MS14-018 originally had a typo of CVE-2014-0235 for this. Family: windows Class: vulnerability Status: ACCEPTED Reference(s): CVE-2014-0325 Platform(s): Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Product(s): Microsoft Internet Explorer 9 Definition Synopsis either OS Microsoft Windows 7 (32-bit) is installed OR Microsoft Windows 7 x64 Edition is installed OR Microsoft Windows Server 2008 R2 x64 Edition is installed OR Microsoft Windows Vista (32-bit) is installed OR Microsoft Windows Vista x64 Edition is installed OR Microsoft Windows Server 2008 (32-bit) is installed OR Microsoft Windows Server 2008 (64-bit) is installed AND GDR / LDR Check if the version of mshtml.dll is less than 9.0.8112.16545 OR LDR range Check if the version of mshtml.dll is less than 9.0.8112.20656 AND Check if the version of mshtml.dll is greater than or equal to 9.0.8112.20000 AND Microsoft Internet Explorer 9 is installed
BACK