Oval Definition:	oval:org.mitre.oval:def:4332
Revision Date: 2014-02-24 Version: 46 Title: Uninitialized Memory Corruption Vulnerability Description: Microsoft Internet Explorer 5.01 through 7 allows remote attackers to execute arbitrary code via "unexpected method calls to HTML objects," aka "DHTML Object Memory Corruption Vulnerability." Family: windows Class: vulnerability Status: ACCEPTED Reference(s): CVE-2007-5347 Platform(s): Microsoft Windows 2000 Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows XP Product(s): Microsoft Internet Explorer Definition Synopsis IE 6 on Win 2k, SP4 Microsoft Windows 2000 SP4 or later is installed AND Internet Explorer 6 Service Pack 1 is installed AND the version of mshtml.dll is less than 6.0.2800.1605 OR IE 6 on Win XP SP2 Microsoft Windows XP SP2 or later is installed AND Microsoft Internet Explorer 6 is installed AND the version of mshtml.dll is less than 6.0.2900.3243 OR IE 6 on Win S03 SP1 Microsoft Windows Server 2003 SP1 (x86) is installed OR Microsoft Windows Server 2003 (x64) is installed OR Microsoft Windows Server 2003 SP1 for Itanium is installed AND Microsoft Internet Explorer 6 is installed AND the version of mshtml.dll is less than 6.0.3790.4186 OR IE 6 on Win S03 SP2 Microsoft Windows Server 2003 SP2 (x86) is installed OR Microsoft Windows Server 2003 SP2 (x64) is installed OR Microsoft Windows Server 2003 (ia64) SP2 is installed AND Microsoft Internet Explorer 6 is installed AND the version of mshtml.dll is less than 6.0.3790.4186 OR IE 6 on Win XP SP1 (64-bit) Microsoft Windows XP SP1 (64-bit) is installed AND Microsoft Internet Explorer 6 is installed AND the version of mshtml.dll is less than 6.0.3790.4186 OR IE 6 on Win XP SP2 (64-bit) Microsoft Internet Explorer 6 is installed AND the version of mshtml.dll is less than 6.0.3790.4186 AND Microsoft Windows XP x64 Edition SP2 is installed OR IE 7 on all platforms Microsoft Internet Explorer 7 is installed AND the version of mshtml.dll is less than 7.0.6000.16587
BACK