Oval Definition:	oval:org.mitre.oval:def:8446
Revision Date: 2014-08-18 Version: 47 Title: Uninitialized Memory Corruption Vulnerability (CVE-2010-0806) Description: Use-after-free vulnerability in the Peer Objects component (aka iepeers.dll) in Microsoft Internet Explorer 6, 6 SP1, and 7 allows remote attackers to execute arbitrary code via vectors involving access to an invalid pointer after the deletion of an object, as exploited in the wild in March 2010, aka "Uninitialized Memory Corruption Vulnerability." Family: windows Class: vulnerability Status: ACCEPTED Reference(s): CVE-2010-0806 Platform(s): Microsoft Windows 2000 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows XP Product(s): Microsoft Internet Explorer 6 Microsoft Internet Explorer 7 Definition Synopsis Internet Explorer 6 on Windows 2000 - RTMGDR Microsoft Windows 2000 is installed AND Microsoft Internet Explorer 6 is installed AND Mshtml.dll version is less than 6.0.2800.1646 OR Internet Explorer 6 on XP x86 Microsoft Windows XP (32-bit) is installed AND Microsoft Internet Explorer 6 is installed AND Mshtml.dll version is less than 6.0.2900.3676 OR Internet Explorer 6 on XP x86 Microsoft Windows XP (32-bit) is installed AND Microsoft Internet Explorer 6 is installed AND Mshtml.dll version is less than 6.0.2900.5945 OR Internet Explorer 6 on XP x64, Server 2003 x86/x64/ia64 XP x64/server 2003 x86/x64/ia64 Microsoft Windows XP x64 is installed OR Microsoft Windows Server 2003 (32-bit) is installed OR Microsoft Windows Server 2003 (x64) is installed OR Microsoft Windows Server 2003 (ia64) Gold is installed AND Microsoft Internet Explorer 6 is installed AND Mshtml.dll version is less than 6.0.3790.4672 OR Internet Explorer 7 on XP x86/x64 - GDR XP x86/x64 Microsoft Windows XP (32-bit) is installed OR Microsoft Windows XP x64 is installed AND Microsoft Internet Explorer 7 is installed AND Mshtml.dll version is greater than 7.0.6000.16000 AND Mshtml.dll version is less than 7.0.6000.17023 OR Internet Explorer 7 on XP x86/x64 - QFE XP x86/x64 Microsoft Windows XP (32-bit) is installed OR Microsoft Windows XP x64 is installed AND Microsoft Internet Explorer 7 is installed AND Mshtml.dll version is greater than 7.0.6000.20000 AND Mshtml.dll version is less than 7.0.6000.21228 OR Internet Explorer 7 on Server 2003 x86/x64/ia64 - GDR Server 2003 x86/x64/ia64 Microsoft Windows Server 2003 (32-bit) is installed OR Microsoft Windows Server 2003 (x64) is installed OR Microsoft Windows Server 2003 (ia64) Gold is installed AND Microsoft Internet Explorer 7 is installed AND Mshtml.dll version is greater than 7.0.6000.16000 AND Mshtml.dll version is less than 7.0.6000.17023 OR Internet Explorer 7 on Server 2003 x86/x64/ia64 - QFE Server 2003 x86/x64/ia64 Microsoft Windows Server 2003 (32-bit) is installed OR Microsoft Windows Server 2003 (x64) is installed OR Microsoft Windows Server 2003 (ia64) Gold is installed AND Microsoft Internet Explorer 7 is installed AND Mshtml.dll version is greater than 7.0.6000.20000 AND Mshtml.dll version is less than 7.0.6000.21228 OR Internet Explorer 7 on Vista x86/x64 - GDR Vista x86/x64 Microsoft Windows Vista (32-bit) is installed OR Microsoft Windows Vista x64 Edition is installed AND Microsoft Internet Explorer 7 is installed AND Mshtml.dll version is greater than 7.0.6000.16000 AND Mshtml.dll version is less than 7.0.6000.17037 OR Internet Explorer 7 on Vista x86/x64 - LDR Vista x86/x64 Microsoft Windows Vista (32-bit) is installed OR Microsoft Windows Vista x64 Edition is installed AND Microsoft Internet Explorer 7 is installed AND Mshtml.dll version is greater than 7.0.6000.20000 AND Mshtml.dll version is less than 7.0.6000.21242 OR Internet Explorer 7 on Vista x86/x64, Server 2008 x86/x64/ia64 - GDR Vista x86/x64, Server 2008 x86/x64/ia64 Microsoft Windows Vista (32-bit) is installed OR Microsoft Windows Vista x64 Edition is installed OR Microsoft Windows Server 2008 (32-bit) is installed OR Microsoft Windows Server 2008 (64-bit) is installed OR Microsoft Windows Server 2008 (ia-64) is installed AND Microsoft Internet Explorer 7 is installed AND Mshtml.dll version is greater than 7.0.6001.16000 AND Mshtml.dll version is less than 7.0.6001.18444 OR Internet Explorer 7 on Vista x86/x64, Server 2008 x86/x64/ia64 - LDR Vista x86/x64, Server 2008 x86/x64/ia64 Microsoft Windows Vista (32-bit) is installed OR Microsoft Windows Vista x64 Edition is installed OR Microsoft Windows Server 2008 (32-bit) is installed OR Microsoft Windows Server 2008 (64-bit) is installed OR Microsoft Windows Server 2008 (ia-64) is installed AND Microsoft Internet Explorer 7 is installed AND Mshtml.dll version is greater than 7.0.6001.20000 AND Mshtml.dll version is less than 7.0.6001.22653 OR Internet Explorer 7 on Vista x86/x64, Server 2008 x86/x64/ia64 - GDR Vista x86/x64, Server 2008 x86/x64/ia64 Microsoft Windows Vista (32-bit) is installed OR Microsoft Windows Vista x64 Edition is installed OR Microsoft Windows Server 2008 (32-bit) is installed OR Microsoft Windows Server 2008 (64-bit) is installed OR Microsoft Windows Server 2008 (ia-64) is installed AND Microsoft Internet Explorer 7 is installed AND Mshtml.dll version is greater than 7.0.6002.18000 AND Mshtml.dll version is less than 7.0.6002.18226 OR Internet Explorer 7 on Vista x86/x64, Server 2008 x86/x64/ia64 - LDR Vista x86/x64, Server 2008 x86/x64/ia64 Microsoft Windows Vista (32-bit) is installed OR Microsoft Windows Vista x64 Edition is installed OR Microsoft Windows Server 2008 (32-bit) is installed OR Microsoft Windows Server 2008 (64-bit) is installed OR Microsoft Windows Server 2008 (ia-64) is installed AND Microsoft Internet Explorer 7 is installed AND Mshtml.dll version is greater than 7.0.6002.22000 AND Mshtml.dll version is less than 7.0.6002.22360
BACK