Oval Definition:oval:org.mitre.oval:def:6042
Revision Date:2009-11-30Version:42
Title:Memory Corruption in Indexing Service Vulnerability
Description:A certain ActiveX control in the Indexing Service in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 does not properly process URLs, which allows remote attackers to execute arbitrary programs via unspecified vectors that cause a "vulnerable binary" to load and run, aka "Memory Corruption in Indexing Service Vulnerability."
Family:windowsClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2009-2507
Platform(s):Microsoft Windows 2000
Microsoft Windows Server 2003
Microsoft Windows XP
Product(s):
Definition Synopsis
  • Windows 2000 SP4
  • Microsoft Windows 2000 SP4 or later is installed
  • AND the version of query.dll is less than 5.0.2195.7320
  • OR Windows XP x86 SP2
  • Microsoft Windows XP (x86) SP2 is installed
  • AND the version of query.dll is less than 5.1.2600.3602
  • OR Windows XP x86 SP3
  • Microsoft Windows XP (x86) SP3 is installed
  • AND the version of query.dll is less than 5.1.2600.5847
  • OR Windows XP x64 SP2, Windows Server 2003 SP2 x86/x64/ia64
  • Microsoft Windows XP x64 Edition SP2 is installed
  • OR Microsoft Windows Server 2003 SP2 (x86) is installed
  • OR Microsoft Windows Server 2003 SP2 (x64) is installed
  • OR Microsoft Windows Server 2003 (ia64) SP2 is installed
  • AND the version of query.dll is less than 5.2.3790.4554
    • BACK