Oval Definition:oval:org.mitre.oval:def:5388
Revision Date:2012-11-12Version:47
Title:OLE Heap Overrun Vulnerability
Description:Heap-based buffer overflow in Object Linking and Embedding (OLE) Automation in Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP1 and SP2, Vista, Office 2004 for Mac, and Visual basic 6.0 SP6 allows remote attackers to execute arbitrary code via a crafted script request.
Family:windowsClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2007-0065
Platform(s):Microsoft Windows 2000
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows XP
Product(s):Microsoft Visual Basic 6.0
Definition Synopsis
  • Vulnerable Windows 2000 SP4
  • Microsoft Windows 2000 SP4 or later is installed
  • AND the version of oleaut32.dll is less than 2.40.4532.0
  • OR Vulnerable Windows XP SP2
  • Microsoft Windows XP SP2 or later is installed
  • AND the version of oleaut32.dll is less than 5.1.2600.3266
  • OR Vulnerable Windows XP x64 SP1/Server 2003 (x86)/(x64)/(ia-64) SP1
  • Windows XP x64 SP1/Server 2003 (x86)/(x64)/(ia-64) SP1
  • Microsoft Windows XP Professional x64 Edition SP1 is installed
  • OR Microsoft Windows Server 2003 SP1 (x86) is installed
  • OR Microsoft Windows Server 2003 SP1 (x64) is installed
  • OR Microsoft Windows Server 2003 SP1 for Itanium is installed
  • AND the version of oleaut32.dll is less than 5.2.3790.3057
  • OR Vulnerable Windows XP x64 SP2/Server 2003 (x86)/(x64)/(ia-64) SP2
  • Windows XP x64 SP2/Server 2003 (x86)/(x64)/(ia-64) SP2
  • Microsoft Windows XP x64 Edition SP2 is installed
  • OR Microsoft Windows Server 2003 SP2 (x86) is installed
  • OR Microsoft Windows Server 2003 SP2 (x64) is installed
  • OR Microsoft Windows Server 2003 (ia64) SP2 is installed
  • AND the version of oleaut32.dll is less than 5.2.3790.4202
  • OR Vulnerable Windows Vista (32-bit)/(x64)
  • Windows Vista (32-bit)/(x64)
  • Microsoft Windows Vista (32-bit) is installed
  • OR Microsoft Windows Vista x64 Edition is installed
  • AND Check for LDR/GDR
  • the version of oleaut32.dll is less than 6.0.6000.16607
  • OR Check for LDR
  • the version of oleaut32.dll is less than 6.0.6000.20732
  • AND Check if version of oleaut32.dll is greater than or equal to 6.0.6000.20000
  • OR Vulnerable Visual Basic 6.0
  • Vulnerable file version
  • the version of oleaut32.dll is less than 2.40.4532.0
  • OR the version of oleaut32.dll is less than 5.2.3790.3057
  • OR the version of oleaut32.dll is less than 5.2.3790.4202
  • OR the version of oleaut32.dll is less than 6.0.6000.20732
  • OR the version of oleaut32.dll is less than 5.1.2600.3266
  • OR Check if version of oleaut32.dll is less than 2.40.4520.0
  • OR Check if version of oleaut32.dll is less than 5.2.3790.727
  • OR Check if version of oleaut32.dll is less than 3.50.5022.0
  • AND Microsoft Visual Basic 6.0 is installed
    • BACK