Oval Definition:oval:org.mitre.oval:def:782
Revision Date:2014-02-24Version:49
Title:IE6 for Server 2003 PNG Image Buffer Overflow
Description:Buffer overflow in the PNG image rendering component of Microsoft Internet Explorer allows remote attackers to execute arbitrary code via a crafted PNG file.
Family:windowsClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2005-1211
Platform(s):Microsoft Windows Server 2003
Product(s):Microsoft Internet Explorer
Definition Synopsis
  • Software section
  • Internet Explorer 6 for Windows Server 2003 is installed
  • AND a vulnerable version of mshtml.dll exisits
  • a vulnerable version of mshtml.dll exists
  • 32-bit version of Windows or 64-bit (itanium architecture) version of Windows is installed
  • 32-Bit version of Windows is installed
  • OR a version of Windows for the ia64 architecture is installed
  • AND NOT Win2K/XP/2003 is patched
  • AND the version of mshtml.dll is less than 6.0.3790.327
  • OR a vulnerable version of mshtml.dll exists
  • 32-bit version of Windows or 64-bit (itanium architecture) version of Windows is installed
  • 32-Bit version of Windows is installed
  • OR a version of Windows for the ia64 architecture is installed
  • AND Win2K/XP/2003/Vista service pack 1 is installed
  • AND the version of mshtml.dll is less than 6.0.3790.2440
  • OR a vulnerable version of mshtml.dll exists
  • 64-Bit (x64 architecture) version of Windows is installed
  • AND NOT Win2K/XP/2003 is patched
  • AND the version of mshtml.dll is less than 6.0.3790.2440
  • AND NOT the patch kb883939 is installed
  • AND Configuration section
  • PNG image rendering enabled in Internet Explorer
    • BACK