Oval Definition:	oval:org.mitre.oval:def:29159
Revision Date: 2015-12-22 Version: 44 Title: Internet Explorer memory corruption vulnerability - CVE-2015-2412 (MS15-065) Description: Microsoft Internet Explorer 10 and 11 allows remote attackers to read arbitrary local files via a crafted pathname, aka "Internet Explorer Information Disclosure Vulnerability." Family: windows Class: vulnerability Status: ACCEPTED Reference(s): CVE-2015-2412 Platform(s): Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Product(s): Microsoft Internet Explorer 10 Microsoft Internet Explorer 11 Definition Synopsis IE 10 + vulnerable os and file version Microsoft Internet Explorer 10 is installed AND Win 7/R2 Win 8/ 2k12 Microsoft Windows 7 (32-bit) is installed OR Microsoft Windows 7 x64 Edition is installed OR Microsoft Windows Server 2008 R2 x64 Edition is installed OR Microsoft Windows 8 (x86) is installed OR Microsoft Windows 8 (x64) is installed OR Microsoft Windows Server 2012 (64-bit) is installed AND Check for vulnerable versions Check if the version of mshtml.dll is less than 10.0.9200.17412 OR Check for LDR Check for mshtml.dll version greater than or equal to 10.0.9200.21000 AND Check if the version of mshtml.dll is less than 10.0.9200.21523 OR IE 11 + vulnerable os and file version Microsoft Internet Explorer 11 is installed AND Win 7/ 2k8 R2/ 8.1/2k12 R2 Microsoft Windows 7 (32-bit) is installed OR Microsoft Windows 7 x64 Edition is installed OR Microsoft Windows Server 2008 R2 x64 Edition is installed OR Microsoft Windows 8.1 (x86) is installed OR Microsoft Windows 8.1 (x64) is installed OR Microsoft Windows Server 2012 R2 is installed AND Check if the version of mshtml.dll is less than 11.0.9600.17905
BACK