Oval Definition:oval:org.mitre.oval:def:632
Revision Date:2012-05-28Version:7
Title:Office Malformed Record Memory Corruption Vulnerability
Description:Unspecified vulnerability in mso.dll in Microsoft Office 2000, XP, and 2003, and Microsoft PowerPoint 2000, XP, and 2003, allows remote user-assisted attackers to execute arbitrary code via a malformed record in a (1) .DOC, (2) .PPT, or (3) .XLS file that triggers memory corruption, related to an "array boundary condition" (possibly an array index overflow), a different vulnerability than CVE-2006-3434, CVE-2006-3650, and CVE-2006-3868.
Family:windowsClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2006-3864
Platform(s):Microsoft Windows 2000
Microsoft Windows Server 2003
Microsoft Windows XP
Product(s):Microsoft Office
Definition Synopsis
  • Microsoft Office 2000
  • Microsoft Office 2000 is installed
  • AND The Office 2000 (or later) version of Mso9.dll is installed.
  • AND The version of mso9.dll is less than 9.0.0.8950.
  • OR Microsoft Office XP
  • Microsoft Office XP is installed
  • AND The Office XP (or later) version of Mso.dll is installed.
  • AND The version of mso.dll is less than 10.0.6817.0.
  • OR Microsoft Office 2003
  • Microsoft Office 2003 is installed
  • AND The Office 2003 (or later) version of Mso.dll is installed.
  • AND The version of mso.dll is less than 11.0.8107.0.
  • OR Microsoft Project 2000
  • Microsoft Project 2000 SR1 is installed
  • AND The Office 2000 (or later) version of Mso9.dll is installed.
  • AND The version of mso9.dll is less than 9.0.0.8950.
  • OR Microsoft Project 2002
  • Microsoft Project 2002 SP1 is installed
  • AND The Office XP (or later) version of Mso.dll is installed.
  • AND The version of mso.dll is less than 10.0.6817.0.
  • OR Microsoft Office Visio 2002
  • Microsoft Office Visio 2002 SP2 is installed
  • AND The Office XP (or later) version of Mso.dll is installed.
  • AND The version of mso.dll is less than 10.0.6817.0.
  • OR Microsoft Word Viewer
  • Microsoft Word Viewer is installed
  • AND The Office 2003 (or later) version of Mso.dll is installed.
  • AND The version of mso.dll is less than 11.0.8107.0.
  • OR Microsoft Excel Viewer 2003
  • Microsoft Excel Viewer 2003 is installed
  • AND The Office 2003 (or later) version of Mso.dll is installed.
  • AND The version of mso.dll is less than 11.0.8107.0.
    • BACK