9.3 - MS09-072

Executive Summary

Summary
Title	Cumulative Security Update for Internet Explorer (976325)

Informations
Name	MS09-072	First vendor Publication	2009-12-08
Vendor	Microsoft	Last vendor Modification	2009-12-09
Severity (Vendor)	Critical	Revision	1.1

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score	NA
Base Score	NA	Environmental Score	NA
impact SubScore	NA	Temporal Score	NA
Exploitabality Sub Score	NA

Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C)
Cvss Base Score	9.3	Attack Range	Network
Cvss Impact Score	10	Attack Complexity	Medium
Cvss Expoit Score	8.6	Authentication	None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Revision Note: V1.1 (December 9, 2009): Corrected a reference to Microsoft Knowledge Base Article 976749 in the section, Frequently Asked Questions (FAQ) Related to This Security Update. Also corrected, in the Security Update Deployment section, the registry key for verification of the update for Internet Explorer 7 for all supported x64-based editions of Windows XP.Summary: This security update resolves four privately reported vulnerabilities and one publicly disclosed vulnerability in Internet Explorer. The vulnerabilities could allow remote code execution if a user views a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. An ActiveX control built with Microsoft Active Template Library (ATL) headers could also allow remote code execution; for more information about this issue, see the subsection, Frequently Asked Questions (FAQ) Related to This Security Update, in this section.

Original Source

Url : http://www.microsoft.com/technet/security/bulletin/MS09-072.mspx

CWE : Common Weakness Enumeration

%	Id	Name
40 %	CWE-399	Resource Management Errors
40 %	CWE-94	Failure to Control Generation of Code ('Code Injection')
20 %	CWE-264	Permissions, Privileges, and Access Controls

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:6245

Oval ID:	oval:org.mitre.oval:def:6245
Title:	ATL COM Initialization Vulnerability
Description:	The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold and SP1, and Visual C++ 2005 SP1 and 2008 Gold and SP1; and Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2; does not properly restrict use of OleLoadFromStream in instantiating objects from data streams, which allows remote attackers to execute arbitrary code via a crafted HTML document with an ATL (1) component or (2) control, related to ATL headers and bypassing security policies, aka "ATL COM Initialization Vulnerability."
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2009-2493	Version:	8
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008	Product(s):	Microsoft Outlook Express Windows Media Player Windows ATL Component DHTML Editing Component ActiveX Control
Definition Synopsis:
Microsoft Outlook Express 5.5 SP2 on Windows 2000 SP4 Microsoft Windows 2000 SP4 or later is installed AND Microsoft Outlook Express 5.5 SP2 is installed. AND the version of Msoe.dll is less than 5.50.5003.1000 OR Microsoft Outlook Express 6 SP1 on Windows 2000 SP4 Microsoft Windows 2000 SP4 or later is installed AND Microsoft Outlook Express 6 SP1 is installed. AND the version of Msoe.dll is less than 6.0.2800.1983 OR Microsoft Outlook Express 6 on Windows XP SP2 x86 Microsoft Windows XP (x86) SP2 is installed AND Microsoft Outlook Express 6.0 for Windows XP/2003 is installed AND the version of Msoe.dll is less than 6.0.2900.3598 OR Microsoft Outlook Express 6 on Windows XP SP3 x86 Microsoft Windows XP (x86) SP3 is installed AND Microsoft Outlook Express 6.0 for Windows XP/2003 is installed AND the version of Msoe.dll is less than 6.0.2900.5843 OR Microsoft Outlook Express 6 on Windows XP SP2 (64-bit) Microsoft Outlook Express 6.0 for Windows XP/2003 is installed AND the version of Msoe.dll is less than 6.0.3790.4548 AND Microsoft Windows XP x64 Edition SP2 is installed OR Microsoft Outlook Express 6 on Windows Server 2003 SP2 x86 Microsoft Windows Server 2003 SP2 (x86) is installed AND Microsoft Outlook Express 6.0 for Windows XP/2003 is installed AND the version of Msoe.dll is less than 6.0.3790.4548 OR Microsoft Outlook Express 6 on Windows Server 2003 SP2 (x64-bit) Microsoft Windows Server 2003 SP2 (x64) is installed AND Microsoft Outlook Express 6.0 for Windows XP/2003 is installed AND the version of Msoe.dll is less than 6.0.3790.4548 OR Microsoft Outlook Express 6 on Windows Server 2003 SP2 (ia64) Microsoft Windows Server 2003 (ia64) SP2 is installed AND Microsoft Outlook Express 6.0 for Windows XP/2003 is installed AND the version of Msoe.dll is less than 6.0.3790.4548 OR Windows Media Player 9 on Windows 2000 SP4 Microsoft Windows 2000 SP4 or later is installed AND Windows Media Player v9 is installed. AND the version of Wmp.dll is less than 9.0.0.3364 OR Windows Media Player 9 on Windows XP SP2 x86 Microsoft Windows XP (x86) SP2 is installed AND Windows Media Player v9 is installed. AND the version of Wmp.dll is less than 9.0.0.3271 OR Windows Media Player 9 on Windows XP SP3 x86 Microsoft Windows XP (x86) SP3 is installed AND Windows Media Player v9 is installed. AND the version of Wmp.dll is less than 9.0.0.4507 OR Windows Media Player 10 on Windows XP SP2/SP3 x86 IF Microsoft Windows XP (x86) SP2 is installed AND Microsoft Windows XP (x86) SP3 is installed AND Windows Media Player v10 is installed. AND the version of Wmp.dll is less than 10.0.0.4074 OR Windows Media Player 10 on Windows XP SP2 (x64-bit) Windows Media Player v10 is installed. AND the version of Wmp.dll is less than 10.0.0.4006 AND Microsoft Windows XP x64 Edition SP2 is installed OR Windows Media Player 10 on Windows Server 2003 SP2 x86 Microsoft Windows Server 2003 SP2 (x86) is installed AND Windows Media Player v10 is installed. AND the version of Wmp.dll is less than 10.0.0.4006 OR Windows Media Player 10 on Windows Server 2003 SP2 (x64-bit) Microsoft Windows Server 2003 SP2 (x64) is installed AND Windows Media Player v10 is installed. AND the version of Wmp.dll is less than 10.0.0.4006 OR Windows Media Player 11 on Windows XP SP2/SP3 x86 IF Microsoft Windows XP (x86) SP2 is installed AND Microsoft Windows XP (x86) SP3 is installed AND Windows Media Player v11 is installed. AND the version of Wmp.dll is less than 11.0.5721.5268 OR Windows Media Player 11 on Windows XP SP2 (x64-bit) Windows Media Player v11 is installed. AND the version of Wmp.dll is less than 11.0.5721.5268 AND Microsoft Windows XP x64 Edition SP2 is installed OR Windows Media Player 11 on Windows Vista (32-bit)/(64-bit) IF Microsoft Windows Vista (32-bit) is installed AND Microsoft Windows Vista x64 Edition is installed AND the version of Spwmp.dll is greater than or equal 6.0.6000.16000 AND the version of Wmp.dll is less than 11.0.6000.6352 OR Windows Media Player 11 on Windows Vista SP1/Server 2008 (32-bit)/(64-bit)/ia64 IF Microsoft Windows Vista (32-bit) Service Pack 1 is installed AND Microsoft Windows Vista x64 Edition Service Pack 1 is installed AND Microsoft Windows Server 2008 (32-bit) is installed AND Microsoft Windows Server 2008 (64-bit) is installed AND Microsoft Windows Server 2008 (ia-64) is installed AND the version of Spwmp.dll is greater than or equal 6.0.6001.18000 AND the version of Wmp.dll is less than 11.0.6001.7007 OR Windows Media Player 11 on Windows Vista SP2/Server 2008 SP2 (32-bit)/(64-bit)/ia64 IF Microsoft Windows Vista (32-bit) Service Pack 2 is installed AND Microsoft Windows Vista x64 Edition Service Pack 2 is installed AND Microsoft Windows Server 2008 (32-bit) Service Pack 2 is installed AND Microsoft Windows Server 2008 x64 Edition Service Pack 2 is installed AND Microsoft Windows Server 2008 Itanium-Based Edition Service Pack 2 is installed AND the version of Spwmp.dll is greater than or equal 6.0.6002.18000 AND the version of Wmp.dll is less than 11.0.6002.18065 OR Windows Media Player 11 on Windows Vista (32-bit)/(64-bit) IF Microsoft Windows Vista (32-bit) is installed AND Microsoft Windows Vista x64 Edition is installed AND the version of Spwmp.dll is greater than or equal 6.0.6000.20000 AND the version of Wmp.dll is less than 11.0.6000.6511 OR Windows Media Player 11 on Windows Vista SP1/Server 2008 (32-bit)/(64-bit)/ia64 IF Microsoft Windows Vista (32-bit) Service Pack 1 is installed AND Microsoft Windows Vista x64 Edition Service Pack 1 is installed AND Microsoft Windows Server 2008 (32-bit) is installed AND Microsoft Windows Server 2008 (64-bit) is installed AND Microsoft Windows Server 2008 (ia-64) is installed AND the version of Spwmp.dll is greater than or equal 6.0.6001.22000 AND the version of Wmp.dll is less than 11.0.6001.7114 OR Windows Media Player 11 on Windows Vista SP2/Server 2008 SP2 (32-bit)/(64-bit)/ia64 IF Microsoft Windows Vista (32-bit) Service Pack 2 is installed AND Microsoft Windows Vista x64 Edition Service Pack 2 is installed AND Microsoft Windows Server 2008 (32-bit) Service Pack 2 is installed AND Microsoft Windows Server 2008 x64 Edition Service Pack 2 is installed AND Microsoft Windows Server 2008 Itanium-Based Edition Service Pack 2 is installed AND the version of Spwmp.dll is greater than or equal 6.0.6002.22000 AND the version of Wmp.dll is less than 11.0.6002.22172 OR Windows ATL Component on Windows 2000 SP4 Microsoft Windows 2000 SP4 or later is installed AND the version of atl.dll is less than 3.0.9794.0 OR Windows ATL Component on Windows XP, Server 2003, Vista, Server 2008 IF Microsoft Windows XP (x86) SP2 is installed AND Microsoft Windows XP (x86) SP3 is installed AND Microsoft Windows Server 2003 SP2 (x86) is installed AND Microsoft Windows Server 2003 SP2 (x64) is installed AND Microsoft Windows Server 2003 (ia64) SP2 is installed AND Microsoft Windows Vista (32-bit) is installed AND Microsoft Windows Vista x64 Edition is installed AND Microsoft Windows Vista (32-bit) Service Pack 1 is installed AND Microsoft Windows Vista x64 Edition Service Pack 1 is installed AND Microsoft Windows Server 2008 (32-bit) is installed AND Microsoft Windows Server 2008 (64-bit) is installed AND Microsoft Windows Server 2008 (ia-64) is installed AND Microsoft Windows Vista (32-bit) Service Pack 2 is installed AND Microsoft Windows Vista x64 Edition Service Pack 2 is installed AND Microsoft Windows Server 2008 (32-bit) Service Pack 2 is installed AND Microsoft Windows Server 2008 x64 Edition Service Pack 2 is installed AND Microsoft Windows Server 2008 Itanium-Based Edition Service Pack 2 is installed AND Microsoft Windows XP x64 Edition SP2 is installed AND the version of atl.dll is less than 3.5.2284.2 OR DHTML Editing Component ActiveX Control on Windows 2000 SP4 Microsoft Windows 2000 SP4 or later is installed AND the version of dhtmled.ocx is less than 6.1.0.9234 OR DHTML Editing Component ActiveX Control on Windows XP or Server 2003 x86 IF Microsoft Windows XP (x86) SP2 is installed AND Microsoft Windows XP (x86) SP3 is installed AND Microsoft Windows Server 2003 SP2 (x86) is installed AND the version of dhtmled.ocx is less than 6.1.0.9247 OR DHTML Editing Component ActiveX Control on Windows XP or Server 2003 64-bit IF Microsoft Windows Server 2003 SP2 (x64) is installed AND Microsoft Windows Server 2003 (ia64) SP2 is installed AND Microsoft Windows XP x64 Edition SP2 is installed AND the version of wdhtmled.ocx is less than 6.1.0.9247 OR Microsoft MSWebDVD ActiveX Control on Windows XP SP2 x86 Microsoft Windows XP (x86) SP2 is installed AND the version of Mswebdvd.dll is less than 6.5.2600.3610 OR Microsoft MSWebDVD ActiveX Control on Windows XP SP3 x86 Microsoft Windows XP (x86) SP3 is installed AND the version of Mswebdvd.dll is less than 6.5.2600.5857 OR Microsoft MSWebDVD ActiveX Control on Windows XP SP2 x64, Server 2003 x86/x64 IF Microsoft Windows Server 2003 SP2 (x86) is installed AND Microsoft Windows Server 2003 SP2 (x64) is installed AND Microsoft Windows XP x64 Edition SP2 is installed AND the version of Mswebdvd.dll is less than 6.5.3790.4565 OR Microsoft MSWebDVD ActiveX Control on Server 2003 ia64 Microsoft Windows Server 2003 (ia64) SP2 is installed AND the version of Mswebdvd.dll is less than 6.5.3790.3386

Definition Id: oval:org.mitre.oval:def:6304

Oval ID:	oval:org.mitre.oval:def:6304
Title:	ATL COM Initialization Vulnerability
Description:	The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold and SP1, and Visual C++ 2005 SP1 and 2008 Gold and SP1; and Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2; does not properly restrict use of OleLoadFromStream in instantiating objects from data streams, which allows remote attackers to execute arbitrary code via a crafted HTML document with an ATL (1) component or (2) control, related to ATL headers and bypassing security policies, aka "ATL COM Initialization Vulnerability."
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2009-2493	Version:	13
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008	Product(s):	Microsoft Visual Studio .NET 2003 Microsoft Visual Studio 2005 Microsoft Visual Studio 2008 Microsoft Visual C++ 2005 Redistributable Package Microsoft Visual C++ 2008 Redistributable Package
Definition Synopsis:
Microsoft Visual Studio .NET 2003 SP1 Microsoft Visual Studio .NET 2003 SP1 is installed AND the version of Mfc71.dll is less than 7.10.6101.0 OR Microsoft Visual Studio 2005 Service Pack 1 Microsoft Visual Studio 2005 Service Pack 1 is installed AND the version of ATL80.dll is less than 8.0.50727.4053 OR Microsoft Visual Studio 2008 Microsoft Visual Studio 2008 is installed AND the version of ATL90.dll is less than 9.0.21022.218 OR Microsoft Visual Studio 2008 Service Pack 1 Microsoft Visual Studio 2008 Service Pack 1 is installed AND the version of ATL90.dll is less than 9.0.30729.4148 OR Microsoft Visual C++ 2005 Redistributable Package Microsoft Visual C++ 2005 Redistributable Package is installed AND NOT the version of %SystemRoot%\WinSxS\(x86\|amd64)_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.[0-9]{1,4}.\atl80.dll is greater than or equal 8.0.50727.4053 AND NOT the version of %SystemRoot%\winsxs\(x86\|amd64)_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.[0-9]{1,4}.\atl80.dll is greater than or equal 8.0.50727.4053 OR Microsoft Visual C++ 2008 Redistributable Package Microsoft Visual C++ 2008 Redistributable Package is installed AND NOT the version of %SystemRoot%\WinSxS\(x86\|amd64)_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.[0-9]{1,4}.\atl90.dll is greater than or equal 9.0.30729.4148 AND NOT the version of %SystemRoot%\winsxs\(x86\|amd64)_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.[0-9]{1,4}.\atl90.dll is greater than or equal 9.0.30729.4148

Definition Id: oval:org.mitre.oval:def:6381

Oval ID:	oval:org.mitre.oval:def:6381
Title:	HTML Object Memory Corruption Vulnerability (CVE-2009-3672)
Description:	Microsoft Internet Explorer 6 and 7 does not properly handle objects in memory that (1) were not properly initialized or (2) are deleted, which allows remote attackers to execute arbitrary code via vectors involving a call to the getElementsByTagName method for the STYLE tag name, selection of the single element in the returned list, and a change to the outerHTML property of this element, related to Cascading Style Sheets (CSS) and mshtml.dll, aka "HTML Object Memory Corruption Vulnerability." NOTE: some of these details are obtained from third party information. NOTE: this issue was originally assigned CVE-2009-4054, but Microsoft assigned a duplicate identifier of CVE-2009-3672. CVE consumers should use this identifier instead of CVE-2009-4054.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2009-3672	Version:	5
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008	Product(s):	Microsoft Internet Explorer
Definition Synopsis:
IE6/Windows 2000 Microsoft Windows 2000 is installed AND Microsoft Internet Explorer 6 is installed AND Mshtml.dll version is less than 6.0.2800.1642 OR IE6/XP (32-bit) Microsoft Windows XP (32-bit) is installed AND Microsoft Internet Explorer 6 is installed AND Mshtml.dll version is less than 6.0.2900.3640 OR IE6/XP (32-bit) Microsoft Windows XP (32-bit) is installed AND Microsoft Internet Explorer 6 is installed AND Mshtml.dll version is less than 6.0.2900.5897 OR IE6/XP x64/server 2003 x86/x64/ia64 XP x64/server 2003 x86/x64/ia64 Microsoft Windows XP x64 is installed AND Microsoft Windows Server 2003 (32-bit) is installed AND Microsoft Windows Server 2003 (x64) is installed AND Microsoft Windows Server 2003 (ia64) Gold is installed AND Microsoft Internet Explorer 6 is installed AND Mshtml.dll version is less than 6.0.3790.4611 OR IE7/XP x86/x64 XP x86/x64 Microsoft Windows XP (32-bit) is installed AND Microsoft Windows XP x64 is installed AND Microsoft Internet Explorer 7 is installed AND Mshtml.dll version is greater than 7.0.6000.16000 AND Mshtml.dll version is less than 7.0.6000.16945 OR IE7/XP x86/x64 XP x86/x64 Microsoft Windows XP (32-bit) is installed AND Microsoft Windows XP x64 is installed AND Microsoft Internet Explorer 7 is installed AND Mshtml.dll version is greater than 7.0.6000.20000 AND Mshtml.dll version is less than 7.0.6000.21148 OR IE7/Server 2003 x86/x64/ia64 Server 2003 x86/x64/ia64 Microsoft Windows Server 2003 (32-bit) is installed AND Microsoft Windows Server 2003 (x64) is installed AND Microsoft Windows Server 2003 (ia64) Gold is installed AND Microsoft Internet Explorer 7 is installed AND Mshtml.dll version is greater than 7.0.6000.16000 AND Mshtml.dll version is less than 7.0.6000.16945 OR IE7/Server 2003 x86/x64/ia64 Server 2003 x86/x64/ia64 Microsoft Windows Server 2003 (32-bit) is installed AND Microsoft Windows Server 2003 (x64) is installed AND Microsoft Windows Server 2003 (ia64) Gold is installed AND Microsoft Internet Explorer 7 is installed AND Mshtml.dll version is greater than 7.0.6000.20000 AND Mshtml.dll version is less than 7.0.6000.21148 OR IE7/Vista x86/x64 Vista x86/x64 Microsoft Windows Vista (32-bit) is installed AND Microsoft Windows Vista x64 Edition is installed AND Microsoft Internet Explorer 7 is installed AND Mshtml.dll version is greater than 7.0.6000.16000 AND Mshtml.dll version is less than 7.0.6000.16945 OR IE7/Vista x86/x64 Vista x86/x64 Microsoft Windows Vista (32-bit) is installed AND Microsoft Windows Vista x64 Edition is installed AND Microsoft Internet Explorer 7 is installed AND Mshtml.dll version is greater than 7.0.6000.20000 AND Mshtml.dll version is less than 7.0.6000.21148 OR IE7/Vista x86/x64, Server 2008 x86/x64/ia64 Vista x86/x64, Server 2008 x86/x64/ia64 Microsoft Windows Vista (32-bit) is installed AND Microsoft Windows Vista x64 Edition is installed AND Microsoft Windows Server 2008 (32-bit) is installed AND Microsoft Windows Server 2008 (64-bit) is installed AND Microsoft Windows Server 2008 (ia-64) is installed AND Microsoft Internet Explorer 7 is installed AND Mshtml.dll version is greater than 7.0.6001.16000 AND Mshtml.dll version is less than 7.0.6001.18349 OR IE7/Vista x86/x64, Server 2008 x86/x64/ia64 Vista x86/x64, Server 2008 x86/x64/ia64 Microsoft Windows Vista (32-bit) is installed AND Microsoft Windows Vista x64 Edition is installed AND Microsoft Windows Server 2008 (32-bit) is installed AND Microsoft Windows Server 2008 (64-bit) is installed AND Microsoft Windows Server 2008 (ia-64) is installed AND Microsoft Internet Explorer 7 is installed AND Mshtml.dll version is greater than 7.0.6001.20000 AND Mshtml.dll version is less than 7.0.6001.22550 OR IE7/Vista x86/x64, Server 2008 x86/x64/ia64 Vista x86/x64, Server 2008 x86/x64/ia64 Microsoft Windows Vista (32-bit) is installed AND Microsoft Windows Vista x64 Edition is installed AND Microsoft Windows Server 2008 (32-bit) is installed AND Microsoft Windows Server 2008 (64-bit) is installed AND Microsoft Windows Server 2008 (ia-64) is installed AND Microsoft Internet Explorer 7 is installed AND Mshtml.dll version is greater than 7.0.6002.18000 AND Mshtml.dll version is less than 7.0.6002.18130 OR IE7/Vista x86/x64, Server 2008 x86/x64/ia64 Vista x86/x64, Server 2008 x86/x64/ia64 Microsoft Windows Vista (32-bit) is installed AND Microsoft Windows Vista x64 Edition is installed AND Microsoft Windows Server 2008 (32-bit) is installed AND Microsoft Windows Server 2008 (64-bit) is installed AND Microsoft Windows Server 2008 (ia-64) is installed AND Microsoft Internet Explorer 7 is installed AND Mshtml.dll version is greater than 7.0.6002.22000 AND Mshtml.dll version is less than 7.0.6002.22252

Definition Id: oval:org.mitre.oval:def:6382

Oval ID:	oval:org.mitre.oval:def:6382
Title:	Uninitialized Memory Corruption Vulnerability (CVE-2009-3671)
Description:	Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability," a different vulnerability than CVE-2009-3674.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2009-3671	Version:	8
Platform(s):	Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2	Product(s):	Microsoft Internet Explorer
Definition Synopsis:
IE8/XP x86/x64, Server 2003 x86/x64 XP x86/x64, Server 2003 x86/x64 Microsoft Windows XP (32-bit) is installed AND Microsoft Windows XP x64 is installed AND Microsoft Windows Server 2003 (32-bit) is installed AND Microsoft Windows Server 2003 (x64) is installed AND Microsoft Internet Explorer 8 is installed AND Mshtml.dll version is greater than 8.0.6001.18000 AND Mshtml.dll version is less than 8.0.6001.18854 OR IE8/XP x86/x64, Server 2003 x86/x64 XP x86/x64, Server 2003 x86/x64 Microsoft Windows XP (32-bit) is installed AND Microsoft Windows XP x64 is installed AND Microsoft Windows Server 2003 (32-bit) is installed AND Microsoft Windows Server 2003 (x64) is installed AND Microsoft Internet Explorer 8 is installed AND Mshtml.dll version is greater than 8.0.6001.22000 AND Mshtml.dll version is less than 8.0.6001.22945 OR IE8/Vista x86/x64, Server 2008 x86/x64 Vista x86/x64, Server 2008 x86/x64 Microsoft Windows Vista (32-bit) is installed AND Microsoft Windows Vista x64 Edition is installed AND Microsoft Windows Server 2008 (32-bit) is installed AND Microsoft Windows Server 2008 (64-bit) is installed AND Microsoft Internet Explorer 8 is installed AND Mshtml.dll version is greater than 8.0.6001.18000 AND Mshtml.dll version is less than 8.0.6001.18865 OR IE8/Vista x86/x64, Server 2008 x86/x64 Vista x86/x64, Server 2008 x86/x64 Microsoft Windows Vista (32-bit) is installed AND Microsoft Windows Vista x64 Edition is installed AND Microsoft Windows Server 2008 (32-bit) is installed AND Microsoft Windows Server 2008 (64-bit) is installed AND Microsoft Internet Explorer 8 is installed AND Mshtml.dll version is greater than 8.0.6001.22000 AND Mshtml.dll version is less than 8.0.6001.22956 OR IE8/7 x86/x64, Server 2008 R2 x64/ia64 7 x86/x64, Server 2008 R2 x64/ia64 Microsoft Windows 7 (32-bit) is installed AND Microsoft Windows 7 x64 Edition is installed AND Microsoft Windows Server 2008 R2 x64 Edition is installed AND Microsoft Windows Server 2008 R2 Itanium-Based Edition is installed AND Microsoft Internet Explorer 8 is installed AND Mshtml.dll version is greater than or equal 8.0.7600.16000 AND Mshtml.dll version is less than 8.0.7600.16466 OR IE8/7 x86/x64, Server 2008 R2 x64/ia64 7 x86/x64, Server 2008 R2 x64/ia64 Microsoft Windows 7 (32-bit) is installed AND Microsoft Windows 7 x64 Edition is installed AND Microsoft Windows Server 2008 R2 x64 Edition is installed AND Microsoft Windows Server 2008 R2 Itanium-Based Edition is installed AND Microsoft Internet Explorer 8 is installed AND Mshtml.dll version is greater than or equal 8.0.7600.20000 AND Mshtml.dll version is less than 8.0.7600.20579

Definition Id: oval:org.mitre.oval:def:6421

Oval ID:	oval:org.mitre.oval:def:6421
Title:	ATL COM Initialization Vulnerability
Description:	The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold and SP1, and Visual C++ 2005 SP1 and 2008 Gold and SP1; and Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2; does not properly restrict use of OleLoadFromStream in instantiating objects from data streams, which allows remote attackers to execute arbitrary code via a crafted HTML document with an ATL (1) component or (2) control, related to ATL headers and bypassing security policies, aka "ATL COM Initialization Vulnerability."
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2009-2493	Version:	3
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2	Product(s):
Definition Synopsis:
IF Microsoft Windows 2000 SP4 or later is installed AND Microsoft Windows XP (x86) SP2 is installed AND Microsoft Windows XP (x86) SP3 is installed AND Microsoft Windows XP x64 Edition SP2 is installed AND Microsoft Windows Server 2003 SP2 (x64) is installed AND Microsoft Windows Server 2003 SP2 (x86) is installed AND Microsoft Windows Server 2003 (ia64) SP2 is installed AND Microsoft Windows Vista (32-bit) is installed AND Microsoft Windows Vista x64 Edition is installed AND Microsoft Windows Vista (32-bit) Service Pack 1 is installed AND Microsoft Windows Vista x64 Edition Service Pack 1 is installed AND Microsoft Windows Server 2008 (32-bit) is installed AND Microsoft Windows Server 2008 (64-bit) is installed AND Microsoft Windows Server 2008 (ia-64) is installed AND Microsoft Windows Vista (32-bit) Service Pack 2 is installed AND Microsoft Windows Vista x64 Edition Service Pack 2 is installed AND Microsoft Windows Server 2008 (32-bit) Service Pack 2 is installed AND Microsoft Windows Server 2008 x64 Edition Service Pack 2 is installed AND Microsoft Windows Server 2008 Itanium-Based Edition Service Pack 2 is installed AND Microsoft Windows 7 (32-bit) is installed AND Microsoft Windows 7 x64 Edition is installed AND Microsoft Windows Server 2008 R2 x64 Edition is installed AND Microsoft Windows Server 2008 R2 Itanium-Based Edition is installed AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{0002E531-0000-0000-C000-000000000046}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{0002E531-0000-0000-C000-000000000046}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{4C85388F-1500-11D1-A0DF-00C04FC9E20F}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{4C85388F-1500-11D1-A0DF-00C04FC9E20F}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{0002E532-0000-0000-C000-000000000046}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{0002E532-0000-0000-C000-000000000046}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{0002E554-0000-0000-C000-000000000046}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{0002E554-0000-0000-C000-000000000046}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{0002E55C-0000-0000-C000-000000000046}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{0002E55C-0000-0000-C000-000000000046}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{279D6C9A-652E-4833-BEFC-312CA8887857}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{279D6C9A-652E-4833-BEFC-312CA8887857}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{B1F78FEF-3DB7-4C56-AF2B-5DCCC7C42331}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{B1F78FEF-3DB7-4C56-AF2B-5DCCC7C42331}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{C832BE8F-4B89-4579-A217-DB92E7A27915}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{C832BE8F-4B89-4579-A217-DB92E7A27915}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{A9A7297E-969C-43F1-A1EF-51EBEA36F850}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{A9A7297E-969C-43F1-A1EF-51EBEA36F850}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{DD8C2179-1B4A-4951-B432-5DE3D1507142}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{DD8C2179-1B4A-4951-B432-5DE3D1507142}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{4F1E5B1A-2A80-42ca-8532-2D05CB959537}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{4F1E5B1A-2A80-42ca-8532-2D05CB959537}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{27A3D328-D206-4106-8D33-1AA39B13394B}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{27A3D328-D206-4106-8D33-1AA39B13394B}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{DB640C86-731C-484A-AAAF-750656C9187D}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{DB640C86-731C-484A-AAAF-750656C9187D}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{15721a53-8448-4731-8bfc-ed11e128e444}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{15721a53-8448-4731-8bfc-ed11e128e444}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{3267123E-530D-4E73-9DA7-79F01D86A89F}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{3267123E-530D-4E73-9DA7-79F01D86A89F}!Compatibility Flags is not equal to 0x00000400

Definition Id: oval:org.mitre.oval:def:6473

Oval ID:	oval:org.mitre.oval:def:6473
Title:	ATL COM Initialization Vulnerability
Description:	The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold and SP1, and Visual C++ 2005 SP1 and 2008 Gold and SP1; and Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2; does not properly restrict use of OleLoadFromStream in instantiating objects from data streams, which allows remote attackers to execute arbitrary code via a crafted HTML document with an ATL (1) component or (2) control, related to ATL headers and bypassing security policies, aka "ATL COM Initialization Vulnerability."
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2009-2493	Version:	2
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003	Product(s):	Microsoft Outlook 2002 Microsoft Outlook 2003 Microsoft Outlook 2007 Microsoft Visio Viewer 2002 Microsoft Office Visio Viewer 2003 Microsoft Office Visio Viewer 2007
Definition Synopsis:
Outlook 2002 Microsoft Outlook 2002 is installed AND the version of Outllib.dll is less than 10.0.6856.0 OR Outlook 2003 Microsoft Outlook 2003 is installed AND the version of Outllib.dll is less than 11.0.8313.0 OR Outlook 2007 Microsoft Outlook 2007 is installed AND the version of Outlook.exe is less than 12.0.6514.5000 OR Microsoft Visio Viewer 2002 Microsoft Visio Viewer 2002 is installed OR Microsoft Office Visio Viewer 2003 Microsoft Office Visio Viewer 2003 is installed OR Microsoft Office Visio Viewer 2007 Microsoft Office Visio Viewer 2007 is installed AND the version of Vviewer.dll is less than 12.0.6513.5000

Definition Id: oval:org.mitre.oval:def:6519

Oval ID:	oval:org.mitre.oval:def:6519
Title:	Uninitialized Memory Corruption Vulnerability (CVE-2009-3673)
Description:	Microsoft Internet Explorer 7 and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability."
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2009-3673	Version:	9
Platform(s):	Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2	Product(s):	Microsoft Internet Explorer
Definition Synopsis:
IE7/XP x86/x64 XP x86/x64 Microsoft Windows XP (32-bit) is installed AND Microsoft Windows XP x64 is installed AND Microsoft Internet Explorer 7 is installed AND Mshtml.dll version is greater than 7.0.6000.16000 AND Mshtml.dll version is less than 7.0.6000.16945 OR IE7/XP x86/x64 XP x86/x64 Microsoft Windows XP (32-bit) is installed AND Microsoft Windows XP x64 is installed AND Microsoft Internet Explorer 7 is installed AND Mshtml.dll version is greater than 7.0.6000.20000 AND Mshtml.dll version is less than 7.0.6000.21148 OR IE7/Server 2003 x86/x64/ia64 Server 2003 x86/x64/ia64 Microsoft Windows Server 2003 (32-bit) is installed AND Microsoft Windows Server 2003 (x64) is installed AND Microsoft Windows Server 2003 (ia64) Gold is installed AND Microsoft Internet Explorer 7 is installed AND Mshtml.dll version is greater than 7.0.6000.16000 AND Mshtml.dll version is less than 7.0.6000.16945 OR IE7/Server 2003 x86/x64/ia64 Server 2003 x86/x64/ia64 Microsoft Windows Server 2003 (32-bit) is installed AND Microsoft Windows Server 2003 (x64) is installed AND Microsoft Windows Server 2003 (ia64) Gold is installed AND Microsoft Internet Explorer 7 is installed AND Mshtml.dll version is greater than 7.0.6000.20000 AND Mshtml.dll version is less than 7.0.6000.21148 OR IE7/Vista x86/x64 Vista x86/x64 Microsoft Windows Vista (32-bit) is installed AND Microsoft Windows Vista x64 Edition is installed AND Microsoft Internet Explorer 7 is installed AND Mshtml.dll version is greater than 7.0.6000.16000 AND Mshtml.dll version is less than 7.0.6000.16945 OR IE7/Vista x86/x64 Vista x86/x64 Microsoft Windows Vista (32-bit) is installed AND Microsoft Windows Vista x64 Edition is installed AND Microsoft Internet Explorer 7 is installed AND Mshtml.dll version is greater than 7.0.6000.20000 AND Mshtml.dll version is less than 7.0.6000.21148 OR IE7/Vista x86/x64, Server 2008 x86/x64/ia64 Vista x86/x64, Server 2008 x86/x64/ia64 Microsoft Windows Vista (32-bit) is installed AND Microsoft Windows Vista x64 Edition is installed AND Microsoft Windows Server 2008 (32-bit) is installed AND Microsoft Windows Server 2008 (64-bit) is installed AND Microsoft Windows Server 2008 (ia-64) is installed AND Microsoft Internet Explorer 7 is installed AND Mshtml.dll version is greater than 7.0.6001.16000 AND Mshtml.dll version is less than 7.0.6001.18349 OR IE7/Vista x86/x64, Server 2008 x86/x64/ia64 Vista x86/x64, Server 2008 x86/x64/ia64 Microsoft Windows Vista (32-bit) is installed AND Microsoft Windows Vista x64 Edition is installed AND Microsoft Windows Server 2008 (32-bit) is installed AND Microsoft Windows Server 2008 (64-bit) is installed AND Microsoft Windows Server 2008 (ia-64) is installed AND Microsoft Internet Explorer 7 is installed AND Mshtml.dll version is greater than 7.0.6001.20000 AND Mshtml.dll version is less than 7.0.6001.22550 OR IE7/Vista x86/x64, Server 2008 x86/x64/ia64 Vista x86/x64, Server 2008 x86/x64/ia64 Microsoft Windows Vista (32-bit) is installed AND Microsoft Windows Vista x64 Edition is installed AND Microsoft Windows Server 2008 (32-bit) is installed AND Microsoft Windows Server 2008 (64-bit) is installed AND Microsoft Windows Server 2008 (ia-64) is installed AND Microsoft Internet Explorer 7 is installed AND Mshtml.dll version is greater than 7.0.6002.18000 AND Mshtml.dll version is less than 7.0.6002.18130 OR IE7/Vista x86/x64, Server 2008 x86/x64/ia64 Vista x86/x64, Server 2008 x86/x64/ia64 Microsoft Windows Vista (32-bit) is installed AND Microsoft Windows Vista x64 Edition is installed AND Microsoft Windows Server 2008 (32-bit) is installed AND Microsoft Windows Server 2008 (64-bit) is installed AND Microsoft Windows Server 2008 (ia-64) is installed AND Microsoft Internet Explorer 7 is installed AND Mshtml.dll version is greater than 7.0.6002.22000 AND Mshtml.dll version is less than 7.0.6002.22252 OR IE8/XP x86/x64, Server 2003 x86/x64 XP x86/x64, Server 2003 x86/x64 Microsoft Windows XP (32-bit) is installed AND Microsoft Windows XP x64 is installed AND Microsoft Windows Server 2003 (32-bit) is installed AND Microsoft Windows Server 2003 (x64) is installed AND Microsoft Internet Explorer 8 is installed AND Mshtml.dll version is greater than 8.0.6001.18000 AND Mshtml.dll version is less than 8.0.6001.18854 OR IE8/XP x86/x64, Server 2003 x86/x64 XP x86/x64, Server 2003 x86/x64 Microsoft Windows XP (32-bit) is installed AND Microsoft Windows XP x64 is installed AND Microsoft Windows Server 2003 (32-bit) is installed AND Microsoft Windows Server 2003 (x64) is installed AND Microsoft Internet Explorer 8 is installed AND Mshtml.dll version is greater than 8.0.6001.22000 AND Mshtml.dll version is less than 8.0.6001.22945 OR IE8/Vista x86/x64, Server 2008 x86/x64 Vista x86/x64, Server 2008 x86/x64 Microsoft Windows Vista (32-bit) is installed AND Microsoft Windows Vista x64 Edition is installed AND Microsoft Windows Server 2008 (32-bit) is installed AND Microsoft Windows Server 2008 (64-bit) is installed AND Microsoft Internet Explorer 8 is installed AND Mshtml.dll version is greater than 8.0.6001.18000 AND Mshtml.dll version is less than 8.0.6001.18865 OR IE8/Vista x86/x64, Server 2008 x86/x64 Vista x86/x64, Server 2008 x86/x64 Microsoft Windows Vista (32-bit) is installed AND Microsoft Windows Vista x64 Edition is installed AND Microsoft Windows Server 2008 (32-bit) is installed AND Microsoft Windows Server 2008 (64-bit) is installed AND Microsoft Internet Explorer 8 is installed AND Mshtml.dll version is greater than 8.0.6001.22000 AND Mshtml.dll version is less than 8.0.6001.22956 OR IE8/7 x86/x64, Server 2008 R2 x64/ia64 7 x86/x64, Server 2008 R2 x64/ia64 Microsoft Windows 7 (32-bit) is installed AND Microsoft Windows 7 x64 Edition is installed AND Microsoft Windows Server 2008 R2 x64 Edition is installed AND Microsoft Windows Server 2008 R2 Itanium-Based Edition is installed AND Microsoft Internet Explorer 8 is installed AND Mshtml.dll version is greater than or equal 8.0.7600.16000 AND Mshtml.dll version is less than 8.0.7600.16466 OR IE8/7 x86/x64, Server 2008 R2 x64/ia64 7 x86/x64, Server 2008 R2 x64/ia64 Microsoft Windows 7 (32-bit) is installed AND Microsoft Windows 7 x64 Edition is installed AND Microsoft Windows Server 2008 R2 x64 Edition is installed AND Microsoft Windows Server 2008 R2 Itanium-Based Edition is installed AND Microsoft Internet Explorer 8 is installed AND Mshtml.dll version is greater than or equal 8.0.7600.20000 AND Mshtml.dll version is less than 8.0.7600.20579

Definition Id: oval:org.mitre.oval:def:6570

Oval ID:	oval:org.mitre.oval:def:6570
Title:	Uninitialized Memory Corruption Vulnerability (CVE-2009-3674)
Description:	Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability," a different vulnerability than CVE-2009-3671.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2009-3674	Version:	8
Platform(s):	Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2	Product(s):	Microsoft Internet Explorer
Definition Synopsis:
IE8/XP x86/x64, Server 2003 x86/x64 XP x86/x64, Server 2003 x86/x64 Microsoft Windows XP (32-bit) is installed AND Microsoft Windows XP x64 is installed AND Microsoft Windows Server 2003 (32-bit) is installed AND Microsoft Windows Server 2003 (x64) is installed AND Microsoft Internet Explorer 8 is installed AND Mshtml.dll version is greater than 8.0.6001.18000 AND Mshtml.dll version is less than 8.0.6001.18854 OR IE8/XP x86/x64, Server 2003 x86/x64 XP x86/x64, Server 2003 x86/x64 Microsoft Windows XP (32-bit) is installed AND Microsoft Windows XP x64 is installed AND Microsoft Windows Server 2003 (32-bit) is installed AND Microsoft Windows Server 2003 (x64) is installed AND Microsoft Internet Explorer 8 is installed AND Mshtml.dll version is greater than 8.0.6001.22000 AND Mshtml.dll version is less than 8.0.6001.22945 OR IE8/Vista x86/x64, Server 2008 x86/x64 Vista x86/x64, Server 2008 x86/x64 Microsoft Windows Vista (32-bit) is installed AND Microsoft Windows Vista x64 Edition is installed AND Microsoft Windows Server 2008 (32-bit) is installed AND Microsoft Windows Server 2008 (64-bit) is installed AND Microsoft Internet Explorer 8 is installed AND Mshtml.dll version is greater than 8.0.6001.18000 AND Mshtml.dll version is less than 8.0.6001.18865 OR IE8/Vista x86/x64, Server 2008 x86/x64 Vista x86/x64, Server 2008 x86/x64 Microsoft Windows Vista (32-bit) is installed AND Microsoft Windows Vista x64 Edition is installed AND Microsoft Windows Server 2008 (32-bit) is installed AND Microsoft Windows Server 2008 (64-bit) is installed AND Microsoft Internet Explorer 8 is installed AND Mshtml.dll version is greater than 8.0.6001.22000 AND Mshtml.dll version is less than 8.0.6001.22956 OR IE8/7 x86/x64, Server 2008 R2 x64/ia64 7 x86/x64, Server 2008 R2 x64/ia64 Microsoft Windows 7 (32-bit) is installed AND Microsoft Windows 7 x64 Edition is installed AND Microsoft Windows Server 2008 R2 x64 Edition is installed AND Microsoft Windows Server 2008 R2 Itanium-Based Edition is installed AND Microsoft Internet Explorer 8 is installed AND Mshtml.dll version is greater than or equal 8.0.7600.16000 AND Mshtml.dll version is less than 8.0.7600.16466 OR IE8/7 x86/x64, Server 2008 R2 x64/ia64 7 x86/x64, Server 2008 R2 x64/ia64 Microsoft Windows 7 (32-bit) is installed AND Microsoft Windows 7 x64 Edition is installed AND Microsoft Windows Server 2008 R2 x64 Edition is installed AND Microsoft Windows Server 2008 R2 Itanium-Based Edition is installed AND Microsoft Internet Explorer 8 is installed AND Mshtml.dll version is greater than or equal 8.0.7600.20000 AND Mshtml.dll version is less than 8.0.7600.20579

Definition Id: oval:org.mitre.oval:def:6621

Oval ID:	oval:org.mitre.oval:def:6621
Title:	ATL COM Initialization Vulnerability (CVE-2009-2493)
Description:	The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold and SP1, and Visual C++ 2005 SP1 and 2008 Gold and SP1; and Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2; does not properly restrict use of OleLoadFromStream in instantiating objects from data streams, which allows remote attackers to execute arbitrary code via a crafted HTML document with an ATL (1) component or (2) control, related to ATL headers and bypassing security policies, aka "ATL COM Initialization Vulnerability."
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2009-2493	Version:	1
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003	Product(s):	Microsoft Internet Explorer
Definition Synopsis:
IF Microsoft Windows 2000 SP4 or later is installed AND Microsoft Internet Explorer 5.01 SP4 is installed AND Mshtml.dll version is less than 5.0.3882.2700 OR Microsoft Windows 2000 SP4 or later is installed AND Microsoft Internet Explorer 6 is installed AND Mshtml.dll version is less than 6.0.2800.1642 OR Microsoft Windows XP (x86) SP2 is installed AND Microsoft Internet Explorer 6 is installed AND Mshtml.dll version is less than 6.0.2900.3640 OR Microsoft Windows XP (x86) SP3 is installed AND Microsoft Internet Explorer 6 is installed AND Mshtml.dll version is less than 6.0.2900.5897 OR IF Microsoft Windows XP x64 Edition SP2 is installed AND Microsoft Windows Server 2003 SP2 (x86) is installed AND Microsoft Windows Server 2003 SP2 (x64) is installed AND Microsoft Windows Server 2003 (ia64) SP2 is installed AND Microsoft Internet Explorer 6 is installed AND Mshtml.dll version is less than 6.0.3790.4611

Definition Id: oval:org.mitre.oval:def:6716

Oval ID:	oval:org.mitre.oval:def:6716
Title:	ATL COM Initialization Vulnerability
Description:	The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold and SP1, and Visual C++ 2005 SP1 and 2008 Gold and SP1; and Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2; does not properly restrict use of OleLoadFromStream in instantiating objects from data streams, which allows remote attackers to execute arbitrary code via a crafted HTML document with an ATL (1) component or (2) control, related to ATL headers and bypassing security policies, aka "ATL COM Initialization Vulnerability."
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2009-2493	Version:	37
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2	Product(s):	Microsoft Outlook 2002 Microsoft Outlook 2003 Microsoft Outlook 2007 Microsoft Visio Viewer 2002 Microsoft Office Visio Viewer 2003 Microsoft Office Visio Viewer 2007 Microsoft Internet Explorer 5 Microsoft Internet Explorer 6 Microsoft Visual Studio .NET 2003 Microsoft Visual Studio 2005 Microsoft Visual Studio 2008 Microsoft Visual C++ 2005 Redistributable Package Microsoft Visual C++ 2008 Redistributable Package Microsoft Outlook Express 5.5 Microsoft Outlook Express 6.0 Windows Media Player 9 Windows Media Player 10 Windows Media Player 11
Definition Synopsis:
Internet Explorer 5.01 on Windows 2000 Microsoft Windows 2000 is installed AND Microsoft Internet Explorer 5.01 SP4 is installed AND Mshtml.dll version is less than 5.0.3882.2700 OR Check for vulnerable Internet Explorer 6 Microsoft Internet Explorer 6 is installed AND Check for vulnerable OS Check for vulnerable Windows 2000 Microsoft Windows 2000 is installed AND Mshtml.dll version is less than 6.0.2800.1642 OR Check for vulnerable Windows XP (x86) Microsoft Windows XP (32-bit) is installed AND Mshtml.dll version is less than 6.0.2900.3640 OR Check for vulnerable Windows XP (x86) Microsoft Windows XP (32-bit) is installed AND Mshtml.dll version is less than 6.0.2900.5897 OR Check for vulnerable OS Check for vulnerable Windows XP x64/Windows Server 2003 (x86)/(x64)/(ia64) Microsoft Windows XP x64 is installed AND Microsoft Windows Server 2003 (32-bit) is installed AND Microsoft Windows Server 2003 (x64) is installed AND Microsoft Windows Server 2003 (ia64) Gold is installed AND Mshtml.dll version is less than 6.0.3790.4611 OR Outlook 2002 Microsoft Outlook 2002 is installed AND the version of Outllib.dll is less than 10.0.6856.0 OR Outlook 2003 Microsoft Outlook 2003 is installed AND the version of Outllib.dll is less than 11.0.8313.0 OR Outlook 2007 Microsoft Outlook 2007 Microsoft Outlook 2007 SP1 is installed AND Microsoft Outlook 2007 SP2 is installed AND the version of Outlook.exe is less than 12.0.6514.5000 AND Microsoft Visio Viewer 2002 is installed AND Microsoft Office Visio Viewer 2003 is installed OR Microsoft Office Visio Viewer 2007 Microsoft Office Visio Viewer 2007 is installed AND the version of Vviewer.dll is less than 12.0.6513.5000 OR Microsoft Windows OS and Vulnerable ActiveX OS Check Microsoft Windows 2000 is installed AND Microsoft Windows XP (32-bit) is installed AND Microsoft Windows XP x64 is installed AND Microsoft Windows Server 2003 (x64) is installed AND Microsoft Windows Server 2003 (32-bit) is installed AND Microsoft Windows Server 2003 (ia64) Gold is installed AND Microsoft Windows Vista (32-bit) is installed AND Microsoft Windows Vista x64 Edition is installed AND Microsoft Windows Server 2008 (32-bit) is installed AND Microsoft Windows Server 2008 (64-bit) is installed AND Microsoft Windows Server 2008 (ia-64) is installed AND Microsoft Windows 7 (32-bit) is installed AND Microsoft Windows 7 x64 Edition is installed AND Microsoft Windows Server 2008 R2 x64 Edition is installed AND Microsoft Windows Server 2008 R2 Itanium-Based Edition is installed AND Vulnerable ActiveX HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{0002E531-0000-0000-C000-000000000046}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{0002E531-0000-0000-C000-000000000046}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{4C85388F-1500-11D1-A0DF-00C04FC9E20F}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{4C85388F-1500-11D1-A0DF-00C04FC9E20F}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{0002E532-0000-0000-C000-000000000046}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{0002E532-0000-0000-C000-000000000046}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{0002E554-0000-0000-C000-000000000046}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{0002E554-0000-0000-C000-000000000046}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{0002E55C-0000-0000-C000-000000000046}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{0002E55C-0000-0000-C000-000000000046}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{279D6C9A-652E-4833-BEFC-312CA8887857}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{279D6C9A-652E-4833-BEFC-312CA8887857}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{B1F78FEF-3DB7-4C56-AF2B-5DCCC7C42331}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{B1F78FEF-3DB7-4C56-AF2B-5DCCC7C42331}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{C832BE8F-4B89-4579-A217-DB92E7A27915}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{C832BE8F-4B89-4579-A217-DB92E7A27915}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{A9A7297E-969C-43F1-A1EF-51EBEA36F850}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{A9A7297E-969C-43F1-A1EF-51EBEA36F850}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{DD8C2179-1B4A-4951-B432-5DE3D1507142}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{DD8C2179-1B4A-4951-B432-5DE3D1507142}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{4F1E5B1A-2A80-42ca-8532-2D05CB959537}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{4F1E5B1A-2A80-42ca-8532-2D05CB959537}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{27A3D328-D206-4106-8D33-1AA39B13394B}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{27A3D328-D206-4106-8D33-1AA39B13394B}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{DB640C86-731C-484A-AAAF-750656C9187D}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{DB640C86-731C-484A-AAAF-750656C9187D}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{15721a53-8448-4731-8bfc-ed11e128e444}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{15721a53-8448-4731-8bfc-ed11e128e444}!Compatibility Flags is not equal to 0x00000400 AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{3267123E-530D-4E73-9DA7-79F01D86A89F}!Compatibility Flags does not exist AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{3267123E-530D-4E73-9DA7-79F01D86A89F}!Compatibility Flags is not equal to 0x00000400 OR Microsoft Visual Studio .NET 2003 SP1 Microsoft Visual Studio .NET 2003 SP1 is installed AND the version of Mfc71.dll is less than 7.10.6101.0 OR Microsoft Visual Studio 2005 SP1 Microsoft Visual Studio 2005 Service Pack 1 is installed AND the version of ATL80.dll is less than 8.0.50727.4053 AND ATL80.dll exists OR Microsoft Visual Studio 2008 Microsoft Visual Studio 2008 is installed AND the version of ATL90.dll is less than 9.0.21022.218 AND ATL90.dll exists OR Microsoft Visual Studio 2008 SP1 Microsoft Visual Studio 2008 Service Pack 1 is installed AND the version of ATL90.dll is less than 9.0.30729.4148 AND ATL90.dll exists OR Microsoft Visual C++ 2005 Redistributable Package Microsoft Visual C++ 2005 Redistributable Package is installed AND atl80.dll version the version of %SystemRoot%\WinSxS\(x86\|amd64)_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.[0-9]{1,4}.\atl80.dll is less than 8.0.50727.4053 AND the version of %SystemRoot%\winsxs\(x86\|amd64)_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.[0-9]{1,4}.\atl80.dll is less than 8.0.50727.4053 OR Microsoft Visual C++ 2008 Redistributable Package Microsoft Visual C++ 2008 Redistributable Package is installed AND atl90.dll version the version of %SystemRoot%\WinSxS\(x86\|amd64)_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.[0-9]{1,4}.\atl90.dll is less than 9.0.30729.4148 AND the version of %SystemRoot%\winsxs\(x86\|amd64)_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.[0-9]{1,4}.\atl90.dll is less than 9.0.30729.4148 OR Microsoft Outlook Express 5.5 SP2 on Windows 2000 Microsoft Windows 2000 is installed AND Microsoft Outlook Express 5.5 SP2 is installed. AND the version of Msoe.dll is less than 5.50.5003.1000 OR Microsoft Outlook Express 6 SP1 on Windows 2000 Microsoft Windows 2000 is installed AND Microsoft Outlook Express 6 SP1 is installed. AND the version of Msoe.dll is less than 6.0.2800.1983 OR Microsoft Outlook Express 6 on Windows XP x86 Microsoft Outlook Express 6.0 for Windows XP/2003 is installed AND Check for affected platforms with vulnerable file Check for Windows XP x86 Microsoft Windows XP (32-bit) is installed AND the version of Msoe.dll is less than 6.0.2900.3598 OR Check for Windows XP x86 Microsoft Windows XP (32-bit) is installed AND the version of Msoe.dll is less than 6.0.2900.5843 OR Check for Windows XP (64-bit) and 2003 x86/x64/ia64 OS Check Microsoft Windows Server 2003 (32-bit) is installed AND Microsoft Windows Server 2003 (x64) is installed AND Microsoft Windows Server 2003 (ia64) Gold is installed AND Microsoft Windows XP x64 is installed AND the version of Msoe.dll is less than 6.0.3790.4548 OR Windows Media Player 9 on Windows 2000 (KB973540) Microsoft Windows 2000 is installed AND Windows Media Player v9 is installed. AND file checks the version of Wmp.dll is less than 9.0.0.3364 AND Wmpdxm.dll version is less than 9.0.0.3364 OR Windows Media Player 9 on Windows XP x86 (KB973540) Microsoft Windows XP (32-bit) is installed AND Windows Media Player v9 is installed. AND file checks the version of Wmp.dll is less than 9.0.0.3364 AND Wmpdxm.dll version is less than 9.0.0.3364 OR Windows Media Player 9 on Windows XP x86 (KB973540) Microsoft Windows XP (32-bit) is installed AND Windows Media Player v9 is installed. AND file checks Wmp.dll version is less than 9.0.0.4507 AND Wmpdxm.dll version is less than 9.0.0.4507 OR Windows Media Player 10 on Windows XP x86/x64, Server 2003 x86/x64 (KB973540) Windows Media Player v10 is installed. AND Check for affected platforms with vulnerable file Check for Windows XP Microsoft Windows XP (32-bit) is installed AND file checks Wmp.dll version is less than 10.0.0.4074 AND Wmpdxm.dll version is less than 10.0.0.4074 OR Check for Windows XP x64, Windows Server 2003 x64 OS Check Microsoft Windows Server 2003 (x64) is installed AND Microsoft Windows XP x64 is installed AND file checks the version of Wwmp.dll is less than 10.0.0.4006 AND Wwmpdxm.dll version is less than 10.0.0.4006 OR Check for Windows Server 2003 x86 Microsoft Windows Server 2003 (32-bit) is installed AND file checks the version of Wmp.dll is less than 10.0.0.4006 AND Wmpdxm.dll version is less than 10.0.0.4006 OR Windows Media Player 11 on Windows XP x86/x64 (KB973540) OS Check Microsoft Windows XP (32-bit) is installed AND Microsoft Windows XP x64 is installed AND Windows Media Player v11 is installed. AND file checks Wmp.dll version is less than 11.0.5721.5268 AND Wmpdxm.dll version is less than 11.0.5721.5268 OR Windows Media Player 11 on Windows Vista 32-bit/64-bit RTM (KB973540) OS Check Microsoft Windows Vista (32-bit) is installed AND Microsoft Windows Vista x64 Edition is installed AND Windows Media Player v11 is installed. AND GDR/LDR version check the version of Wmp.dll is less than 11.0.6000.6352 AND Wmpdxm.dll version is less than 11.0.6000.6352 OR LDR version check the version of Spwmp.dll is greater than or equal 6.0.6000.20000 AND file checks the version of Wmp.dll is less than 11.0.6000.6511 AND Wmpdxm.dll version is less than 11.0.6000.6511 OR Windows Media Player 11 on Windows Vista 32/64-bit, Server 2008 32/64-bit (KB973540) OS Check Microsoft Windows Vista (32-bit) is installed AND Microsoft Windows Vista x64 Edition is installed AND Microsoft Windows Server 2008 (32-bit) is installed AND Microsoft Windows Server 2008 (64-bit) is installed AND Windows Media Player v11 is installed. AND GDR/LDR version check Wmp.dll version is less than 11.0.6001.7007 AND Wmpdxm.dll version is less than 11.0.6001.7007 OR LDR version check Spwmp.dll version is greater than or equal to 6.0.6001.22000 AND file checks Wmp.dll version is less than 11.0.6001.7114 AND Wmpdxm.dll version is less than 11.0.6001.7114 OR Windows Media Player 11 on Windows Vista 32/64-bit, Server 2008 32/64-bit (KB973540) OS Check Microsoft Windows Vista (32-bit) is installed AND Microsoft Windows Vista x64 Edition is installed AND Microsoft Windows Server 2008 (32-bit) is installed AND Microsoft Windows Server 2008 (64-bit) is installed AND Windows Media Player v11 is installed. AND GDR/LDR version check Wmp.dll version is less than 11.0.6002.18065 AND Wmpdxm.dll version is less than 11.0.6002.18065 OR LDR version check Spwmp.dll version is greater than or equal 6.0.6002.22000 AND file checks Wmp.dll version is less than 11.0.6002.22172 AND Wmpdxm.dll version is less than 11.0.6002.22172 OR Windows ATL Component on Windows 2000 Microsoft Windows 2000 is installed AND the version of atl.dll is less than 3.0.9794.0 OR Windows ATL Component on Windows XP, Server 2003, Vista, Server 2008 OS Check Microsoft Windows XP (32-bit) is installed AND Microsoft Windows XP x64 is installed AND Microsoft Windows Server 2003 (32-bit) is installed AND Microsoft Windows Server 2003 (x64) is installed AND Microsoft Windows Server 2003 (ia64) Gold is installed AND Microsoft Windows Vista (32-bit) is installed AND Microsoft Windows Vista x64 Edition is installed AND Microsoft Windows Server 2008 (32-bit) is installed AND Microsoft Windows Server 2008 (64-bit) is installed AND Microsoft Windows Server 2008 (ia-64) is installed AND the version of atl.dll is less than 3.5.2284.2 OR DHTML Editing Component ActiveX Control on Windows 2000 Microsoft Windows 2000 is installed AND the version of dhtmled.ocx is less than 6.1.0.9234 OR DHTML Editing Component ActiveX Control on Windows XP or Server 2003 x86 OS Check Microsoft Windows XP (32-bit) is installed AND Microsoft Windows Server 2003 (32-bit) is installed AND the version of dhtmled.ocx is less than 6.1.0.9247 OR DHTML Editing Component ActiveX Control on Windows XP or Server 2003 64-bit OS Check Microsoft Windows Server 2003 (x64) is installed AND Microsoft Windows Server 2003 (ia64) Gold is installed AND Microsoft Windows XP x64 is installed AND the version of wdhtmled.ocx is less than 6.1.0.9247 OR Microsoft MSWebDVD ActiveX Control on Windows XP x86 Microsoft Windows XP (32-bit) is installed AND Mswebdvd.dll version is less than 6.5.2600.3610 OR Microsoft MSWebDVD ActiveX Control on Windows XP x86 Microsoft Windows XP (32-bit) is installed AND Mswebdvd.dll version is less than 6.5.2600.5857 OR Microsoft MSWebDVD ActiveX Control on Windows XP x64, Server 2003 x86/x64 OS Check Microsoft Windows Server 2003 (32-bit) is installed AND Microsoft Windows Server 2003 (x64) is installed AND Microsoft Windows XP x64 is installed AND the version of Mswebdvd.dll is less than 6.5.3790.4565 OR Microsoft MSWebDVD ActiveX Control on Server 2003 ia64 Microsoft Windows Server 2003 (ia64) Gold is installed AND the version of Mswebdvd.dll is less than 6.5.3790.3386 OR Microsoft HtmlInput Object ActiveX Control in Windows Vista OS Check for windows Vista X86/x64 Microsoft Windows Vista (32-bit) is installed AND Microsoft Windows Vista x64 Edition is installed AND GRD/LDR version Check the version of Ehkeyctl.dll is less than 6.0.6000.16891 OR LDR version check the version of Ehkeyctl.dll is greater than or equal 6.0.6000.20000 AND the version of Ehkeyctl.dll is less than 6.0.6000.21090 OR Microsoft HtmlInput Object ActiveX Control in Windows Vista OS Check Microsoft Windows Vista (32-bit) is installed AND Microsoft Windows Vista x64 Edition is installed AND GDR/LDR version Check the version of Ehkeyctl.dll is less than 6.0.6001.18295 OR LDR version check the version of Ehkeyctl.dll is greater than or equal 6.0.6001.22000 AND the version of Ehkeyctl.dll is less than 6.0.6001.22476 OR Microsoft HtmlInput Object ActiveX Control in Windows Vista OS check Microsoft Windows Vista (32-bit) is installed AND Microsoft Windows Vista x64 Edition is installed AND GDR/LDR version check the version of Ehkeyctl.dll is less than 6.0.6002.18072 OR LDR version check the version of Ehkeyctl.dll is greater than or equal 6.0.6002.22000 AND the version of Ehkeyctl.dll is less than 6.0.6002.22181

CPE : Common Platform Enumeration

Type	Description	Count
Application	Microsoft Internet Explorer cpe:2.3:a:microsoft:internet_explorer:8:::::::* cpe:2.3:a:microsoft:internet_explorer:7:::::::* cpe:2.3:a:microsoft:internet_explorer:6:::::::* cpe:2.3:a:microsoft:internet_explorer:6:sp1:::::: cpe:2.3:a:microsoft:internet_explorer:5.0.1:sp4::::::	5
Application	Microsoft Visual C++ cpe:2.3:a:microsoft:visual_c++:2008:sp1:::::: cpe:2.3:a:microsoft:visual_c++:2008:::::::* cpe:2.3:a:microsoft:visual_c++:2005:sp1::::::	3
Application	Microsoft Visual Studio cpe:2.3:a:microsoft:visual_studio:2008:::::::* cpe:2.3:a:microsoft:visual_studio:2008:sp1:::::: cpe:2.3:a:microsoft:visual_studio:2005:sp1:::::: cpe:2.3:a:microsoft:visual_studio:2003:sp1::::::	4
Os	Microsoft Windows 2000 cpe:2.3:o:microsoft:windows_2000::sp4::::::*	1
Os	Microsoft Windows 2003 Server cpe:2.3:o:microsoft:windows_2003_server::sp2::::::*	1
Os	Microsoft Windows 7 cpe:2.3:o:microsoft:windows_7:-:::::::*	1
Os	Microsoft Windows Server 2003 cpe:2.3:o:microsoft:windows_server_2003::sp2::::::*	1
Os	Microsoft Windows Server 2008 cpe:2.3:o:microsoft:windows_server_2008::r2:itanium::::: cpe:2.3:o:microsoft:windows_server_2008::r2:x64::::: cpe:2.3:o:microsoft:windows_server_2008::sp2:itanium::::: cpe:2.3:o:microsoft:windows_server_2008:::x32:::::* cpe:2.3:o:microsoft:windows_server_2008::sp2:x32::::: cpe:2.3:o:microsoft:windows_server_2008::sp2:x64::::: cpe:2.3:o:microsoft:windows_server_2008:::itanium:::::* cpe:2.3:o:microsoft:windows_server_2008:::x64:::::* cpe:2.3:o:microsoft:windows_server_2008::sp2::::::* cpe:2.3:o:microsoft:windows_server_2008:-:::::::*	10
Os	Microsoft Windows Vista cpe:2.3:o:microsoft:windows_vista::sp1::::::* cpe:2.3:o:microsoft:windows_vista::sp2::::::* cpe:2.3:o:microsoft:windows_vista:::x64:::::* cpe:2.3:o:microsoft:windows_vista:-:::::::*	4
Os	Microsoft Windows Xp cpe:2.3:o:microsoft:windows_xp::sp2:x64::::: cpe:2.3:o:microsoft:windows_xp::sp2::::::* cpe:2.3:o:microsoft:windows_xp::sp3::::::* cpe:2.3:o:microsoft:windows_xp:-:sp2:x64:::::*	4

ExploitDB Exploits

id	Description
2010-07-12	Internet Explorer Style getElementsByTagName Memory Corruption

OpenVAS Exploits

Date	Description
2010-03-16	Name : FreeBSD Ports: openoffice.org File : nvt/freebsd_openoffice.org.nasl
2009-12-04	Name : MS Internet Explorer 'Style' Object Remote Code Execution Vulnerability File : nvt/gb_ms_ie_style_object_remote_code_exec_vuln.nasl
2009-11-11	Name : SLES11: Security update for IBM Java 1.6.0 File : nvt/sles11_java-1_6_0-ibm1.nasl
2009-10-14	Name : Microsoft Windows ATL COM Initialization Code Execution Vulnerability (973525) File : nvt/secpod_ms09-055.nasl
2009-10-14	Name : MS ATL ActiveX Controls for MS Office Could Allow Remote Code Execution (973965) File : nvt/secpod_ms09-060.nasl
2009-08-14	Name : Vulnerabilities in Microsoft ATL Could Allow Remote Code Execution (973908) File : nvt/secpod_ms09-037.nasl
2009-08-03	Name : Microsoft Visual Studio ATL Remote Code Execution Vulnerability (969706) File : nvt/secpod_ms09-035.nasl

Open Source Vulnerability Database (OSVDB)

Id	Description
60839	Microsoft IE CAttrArray Object Circular Dereference Remote Code Execution
60838	Microsoft IE CSS Element Access Race Condition Memory Corruption
60837	Microsoft IE XHTML DOM Manipulation Memory Corruption
60490	Microsoft IE Layout STYLE Tag getElementsByTagName Method Handling Memory Cor...
56698	Microsoft Visual Studio Active Template Library (ATL) Data Stream Object Inst...

Information Assurance Vulnerability Management (IAVM)

Date	Description
2009-10-15	IAVM : 2009-A-0097 - Multiple Vulnerabilities in Microsoft Active Template Library Severity : Category II - VMSKEY : V0021756
2009-08-13	IAVM : 2009-A-0067 - Multiple Vulnerabilities in Microsoft Active Template Library Severity : Category II - VMSKEY : V0019882
2009-07-30	IAVM : 2009-B-0033 - Multiple Vulnerabilities in Visual Studio Active Template Library Severity : Category II - VMSKEY : V0019798

Snort® IPS/IDS

Date	Description
2014-01-10	Microsoft Internet Explorer 8 DOM memory corruption attempt RuleID : 21994 - Revision : 5 - Type : BROWSER-IE
2014-01-10	Microsoft Internet Explorer orphan DOM objects memory corruption attempt RuleID : 21272 - Revision : 5 - Type : BROWSER-IE
2014-01-10	Microsoft Internet Explorer orphan DOM objects memory corruption attempt RuleID : 16330 - Revision : 10 - Type : BROWSER-IE
2014-01-10	Microsoft Internet Explorer 8 DOM memory corruption attempt RuleID : 16326 - Revision : 11 - Type : BROWSER-IE
2014-01-10	Microsoft Internet Explorer mouse move during refresh memory corruption attempt RuleID : 16317 - Revision : 11 - Type : BROWSER-IE
2014-01-10	Microsoft Internet Explorer 6/7 single line outerHTML invalid reference arbit... RuleID : 16311 - Revision : 13 - Type : BROWSER-IE
2014-01-10	Microsoft Internet Explorer 6/7 single line outerHTML invalid reference arbit... RuleID : 16310 - Revision : 18 - Type : BROWSER-IE
2014-01-10	Microsoft Excel Add-in for SQL Analysis Services 4 ActiveX clsid unicode access RuleID : 16166 - Revision : 6 - Type : WEB-ACTIVEX
2014-01-10	Microsoft Office Excel Add-in for SQL Analysis Services 4 ActiveX clsid access RuleID : 16165 - Revision : 13 - Type : BROWSER-PLUGINS
2014-01-10	Microsoft Excel Add-in for SQL Analysis Services 3 ActiveX clsid unicode access RuleID : 16164 - Revision : 6 - Type : WEB-ACTIVEX
2014-01-10	Microsoft Office Excel Add-in for SQL Analysis Services 3 ActiveX clsid access RuleID : 16163 - Revision : 13 - Type : BROWSER-PLUGINS
2014-01-10	Microsoft Excel Add-in for SQL Analysis Services 2 ActiveX clsid unicode access RuleID : 16162 - Revision : 6 - Type : WEB-ACTIVEX
2014-01-10	Microsoft Office Excel Add-in for SQL Analysis Services 2 ActiveX clsid access RuleID : 16161 - Revision : 13 - Type : BROWSER-PLUGINS
2014-01-10	Microsoft Excel Add-in for SQL Analysis Services 1 ActiveX clsid unicode access RuleID : 16160 - Revision : 6 - Type : WEB-ACTIVEX
2014-01-10	Microsoft Office Excel Add-in for SQL Analysis Services 1 ActiveX clsid access RuleID : 16159 - Revision : 13 - Type : BROWSER-PLUGINS
2014-01-10	Microsoft Video 32 ActiveX clsid unicode access RuleID : 15639 - Revision : 10 - Type : WEB-ACTIVEX
2014-01-10	Microsoft Video 32 ActiveX clsid access RuleID : 15638 - Revision : 18 - Type : BROWSER-PLUGINS

Metasploit Database

id	Description
2009-11-20	MS09-072 Microsoft Internet Explorer Style getElementsByTagName Memory Corruption

Nessus® Vulnerability Scanner

Date	Description
2011-01-27	Name : The remote SuSE 10 host is missing a security-related patch. File : suse_flash-player-6386.nasl - Type : ACT_GATHER_INFO
2010-10-11	Name : The remote SuSE 10 host is missing a security-related patch. File : suse_java-1_5_0-ibm-6741.nasl - Type : ACT_GATHER_INFO
2010-03-01	Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_c97d7a37223311df96dd001b2134ef46.nasl - Type : ACT_GATHER_INFO
2010-02-12	Name : The remote Windows host has a program affected by multiple buffer overflows. File : openoffice_32.nasl - Type : ACT_GATHER_INFO
2010-01-08	Name : The remote SuSE 10 host is missing a security-related patch. File : suse_java-1_5_0-ibm-6740.nasl - Type : ACT_GATHER_INFO
2009-12-27	Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12564.nasl - Type : ACT_GATHER_INFO
2009-12-08	Name : Arbitrary code can be executed on the remote host through a web browser. File : smb_nt_ms09-072.nasl - Type : ACT_GATHER_INFO
2009-11-05	Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_java-1_6_0-ibm-091102.nasl - Type : ACT_GATHER_INFO
2009-10-14	Name : Arbitrary code can be executed on the remote host through Microsoft Office Ac... File : smb_nt_ms09-060.nasl - Type : ACT_GATHER_INFO
2009-10-13	Name : The remote Windows host has multiple ActiveX controls that are affected by mu... File : smb_nt_ms09-055.nasl - Type : ACT_GATHER_INFO
2009-10-06	Name : The remote openSUSE host is missing a security update. File : suse_flash-player-6387.nasl - Type : ACT_GATHER_INFO
2009-09-24	Name : The remote SuSE 11 host is missing a security update. File : suse_11_flash-player-090731.nasl - Type : ACT_GATHER_INFO
2009-08-11	Name : Arbitrary code can be executed on the remote host through Microsoft Active Te... File : smb_nt_ms09-037.nasl - Type : ACT_GATHER_INFO
2009-08-05	Name : The remote openSUSE host is missing a security update. File : suse_11_0_flash-player-090731.nasl - Type : ACT_GATHER_INFO
2009-08-05	Name : The remote openSUSE host is missing a security update. File : suse_11_1_flash-player-090731.nasl - Type : ACT_GATHER_INFO
2009-07-30	Name : Arbitrary code can be executed on the remote host through Microsoft Active Te... File : smb_nt_ms09-035.nasl - Type : ACT_GATHER_INFO
2009-07-30	Name : The remote Windows host contains a browser plugin that is affected by multipl... File : flash_player_apsb09_10.nasl - Type : ACT_GATHER_INFO
2009-07-29	Name : The remote Windows host contains an Internet Explorer plugin which uses a vul... File : shockwave_player_apsb09_11.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.

Date	Informations
2020-05-23 13:17:13	Multiple Updates
2016-04-26 22:58:15	Multiple Updates
2014-02-17 11:46:25	Multiple Updates
2014-01-19 21:30:25	Multiple Updates

Global Informations

Type	Count
CWE ID(s)	5
Oval ID(s)	10
CPE ID(s)	34
osvdb(s)	5
ExploitDB Exploit(s)	1
Metasploit Exploit(s)	1
Openvas Exploit(s)	7
IAVM(s)	3
Snort® Rule(s)	17
Nessus® Exploit(s)	18

	Related
10	TA15-119A
9.3	MS10-002
9.3	MS09-054
9.3	MS09-035
9.3	KB977981
9.3	CVE-2009-3674
9.3	CVE-2009-3673
9.3	CVE-2009-3672
9.3	CVE-2009-3671
9.3	CVE-2009-2493
Info : listing not affected by your CVSS Env Score

Same Subject	Severity
Login to view 10 more Alert(s)