[Openvas-commits] r3243 - trunk/winslad/oval

scm-commit@wald.intevation.org scm-commit at wald.intevation.org
Wed May 6 02:21:50 CEST 2009


Author: doj
Date: 2009-05-06 02:21:37 +0200 (Wed, 06 May 2009)
New Revision: 3243

Modified:
   trunk/winslad/oval/runoval.bat
   trunk/winslad/oval/windows.xml
Log:
Windows OVAL definitions for 2009-05-05

Modified: trunk/winslad/oval/runoval.bat
===================================================================
--- trunk/winslad/oval/runoval.bat	2009-05-05 21:49:13 UTC (rev 3242)
+++ trunk/winslad/oval/runoval.bat	2009-05-06 00:21:37 UTC (rev 3243)
@@ -6,9 +6,9 @@
 rem Download http://oval.mitre.org/rep-data/org.mitre.oval/v/family/windows.xml
 rem and update the MD5 sum for windows.xml from the website.
 
-rem version 2009-04-02
+rem version 2009-05-05
 set DEF=windows.xml
-set MD5=8af2ecd4f4b4730eee04101f674f9dda
+set MD5=31e88f4d874350e39d7c2128cc93ff5d
 
 if "%1" == "" goto HELP
 if %1 == --short goto SHORT

Modified: trunk/winslad/oval/windows.xml
===================================================================
--- trunk/winslad/oval/windows.xml	2009-05-05 21:49:13 UTC (rev 3242)
+++ trunk/winslad/oval/windows.xml	2009-05-06 00:21:37 UTC (rev 3243)
@@ -3,11 +3,3242 @@
   <generator>
     <oval:product_name>The OVAL Repository</oval:product_name>
     <oval:schema_version>5.5</oval:schema_version>
-    <oval:timestamp>2009-04-02T04:42:03.876-04:00</oval:timestamp>
+    <oval:timestamp>2009-05-05T04:44:39.507-04:00</oval:timestamp>
   </generator>
   <definitions>
-    <definition id="oval:org.mitre.oval:def:6228" version="0" class="vulnerability">
+    <definition id="oval:org.mitre.oval:def:6233" version="0" class="vulnerability">
       <metadata>
+        <title>WinINet Credential Reflection Vulnerability</title>
+        <affected family="windows">
+          <platform>Microsoft Windows 2000</platform>
+          <platform>Microsoft Windows XP</platform>
+          <platform>Microsoft Windows Server 2003</platform>
+          <platform>Microsoft Windows Vista</platform>
+          <platform>Microsoft Windows Server 2008</platform>
+          <product>Internet Explorer</product>
+        </affected>
+        <reference source="CVE" ref_id="CVE-2009-0550" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0550"/>
+        <reference source="Microsoft" ref_id="MS09-014" ref_url="http://www.microsoft.com/technet/security/bulletin/MS09-014.mspx"/>
+        <description>Windows HTTP Services (aka WinHTTP) in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008; and WinINet in Microsoft Internet Explorer 5.01 SP4, 6 SP1, 6 and 7 on Windows XP SP2 and SP3, 6 and 7 on Windows Server 2003 SP1 and SP2, 7 on Windows Vista Gold and SP1, and 7 on Windows Server 2008; allows remote web servers to capture and replay NTLM credentials, and execute arbitrary code, via vectors related to absence of a "credential-reflection protections" opt-in step, aka "Windows HTTP Services Credential Reflection Vulnerability" and "WinINet Credential Reflection Vulnerability."</description>
+        <oval_repository>
+          <dates>
+            <submitted date="2009-04-14T16:00:00">
+              <contributor organization="Gideon Technologies, Inc.">Dragos Prisaca</contributor>
+            </submitted>
+            <status_change date="2009-04-17T16:44:51.303-04:00">DRAFT</status_change>
+            <status_change date="2009-05-04T04:00:37.006-04:00">INTERIM</status_change>
+          </dates>
+          <status>INTERIM</status>
+        </oval_repository>
+      </metadata>
+      <criteria operator="OR">
+        <criteria operator="AND">
+          <extend_definition comment="Microsoft Windows 2000 SP4 or later is installed" definition_ref="oval:org.mitre.oval:def:229"/>
+          <extend_definition comment="Microsoft Internet Explorer 5.01 SP4 is installed" definition_ref="oval:org.mitre.oval:def:325"/>
+          <criterion comment="Mshtml.dll version is less than 5.0.3874.1900" test_ref="oval:org.mitre.oval:tst:9783"/>
+        </criteria>
+        <criteria operator="AND">
+          <extend_definition comment="Microsoft Windows 2000 SP4 or later is installed" definition_ref="oval:org.mitre.oval:def:229"/>
+          <extend_definition comment="Microsoft Internet Explorer 6 is installed" definition_ref="oval:org.mitre.oval:def:563"/>
+          <criterion comment="Mshtml.dll version is less than 6.0.2800.1625" test_ref="oval:org.mitre.oval:tst:9684"/>
+        </criteria>
+        <criteria operator="AND">
+          <extend_definition comment="Microsoft Windows XP SP2 is installed" definition_ref="oval:org.mitre.oval:def:521"/>
+          <extend_definition comment="Microsoft Internet Explorer 6 is installed" definition_ref="oval:org.mitre.oval:def:563"/>
+          <criterion comment="Mshtml.dll version is less than 6.0.2900.3527" test_ref="oval:org.mitre.oval:tst:9744"/>
+        </criteria>
+        <criteria operator="AND">
+          <extend_definition comment="Microsoft Windows XP (x86) SP3 is installed" definition_ref="oval:org.mitre.oval:def:5631"/>
+          <extend_definition comment="Microsoft Internet Explorer 6 is installed" definition_ref="oval:org.mitre.oval:def:563"/>
+          <criterion comment="Mshtml.dll version is less than 6.0.2900.5764" test_ref="oval:org.mitre.oval:tst:9622"/>
+        </criteria>
+        <criteria operator="AND">
+          <extend_definition comment="Microsoft Windows Server 2003 SP1 (x86) is installed" definition_ref="oval:org.mitre.oval:def:565"/>
+          <extend_definition comment="Microsoft Internet Explorer 6 is installed" definition_ref="oval:org.mitre.oval:def:563"/>
+          <criterion comment="Mshtml.dll version is less than 6.0.3790.3304" test_ref="oval:org.mitre.oval:tst:9395"/>
+        </criteria>
+        <criteria operator="AND">
+          <extend_definition comment="Microsoft Windows Server 2003 SP2 (x86) is installed" definition_ref="oval:org.mitre.oval:def:1935"/>
+          <extend_definition comment="Microsoft Internet Explorer 6 is installed" definition_ref="oval:org.mitre.oval:def:563"/>
+          <criterion comment="Mshtml.dll version is less than 6.0.3790.4470" test_ref="oval:org.mitre.oval:tst:9788"/>
+        </criteria>
+        <criteria operator="AND">
+          <criteria operator="OR">
+            <extend_definition comment="Microsoft Windows XP Professional x64 Edition SP1 is installed" definition_ref="oval:org.mitre.oval:def:720"/>
+            <extend_definition comment="Microsoft Windows Server 2003 SP1 (x64) is installed" definition_ref="oval:org.mitre.oval:def:4386"/>
+          </criteria>
+          <extend_definition comment="Microsoft Internet Explorer 6 is installed" definition_ref="oval:org.mitre.oval:def:563"/>
+          <criterion comment="Mshtml.dll version is less than 6.0.3790.3304" test_ref="oval:org.mitre.oval:tst:9395"/>
+        </criteria>
+        <criteria operator="AND">
+          <criteria operator="OR">
+            <extend_definition comment="Microsoft Windows XP x64 Edition SP2 is installed" definition_ref="oval:org.mitre.oval:def:4193"/>
+            <extend_definition comment="Microsoft Windows Server 2003 SP2 (x64) is installed" definition_ref="oval:org.mitre.oval:def:2161"/>
+          </criteria>
+          <extend_definition comment="Microsoft Internet Explorer 6 is installed" definition_ref="oval:org.mitre.oval:def:563"/>
+          <criterion comment="Mshtml.dll version is less than 6.0.3790.4470" test_ref="oval:org.mitre.oval:tst:9788"/>
+        </criteria>
+        <criteria operator="AND">
+          <extend_definition comment="Microsoft Windows Server 2003 (ia64) SP1 is installed" definition_ref="oval:org.mitre.oval:def:1205"/>
+          <extend_definition comment="Microsoft Internet Explorer 6 is installed" definition_ref="oval:org.mitre.oval:def:563"/>
+          <criterion comment="Mshtml.dll version is less than 6.0.3790.3304" test_ref="oval:org.mitre.oval:tst:9395"/>
+        </criteria>
+        <criteria operator="AND">
+          <extend_definition comment="Microsoft Windows Server 2003 (ia64) SP2 is installed" definition_ref="oval:org.mitre.oval:def:1442"/>
+          <extend_definition comment="Microsoft Internet Explorer 6 is installed" definition_ref="oval:org.mitre.oval:def:563"/>
+          <criterion comment="Mshtml.dll version is less than 6.0.3790.4470" test_ref="oval:org.mitre.oval:tst:9788"/>
+        </criteria>
+        <criteria operator="AND">
+          <criteria operator="OR">
+            <extend_definition comment="Microsoft Windows XP (x86) SP2 is installed" definition_ref="oval:org.mitre.oval:def:754"/>
+            <extend_definition comment="Microsoft Windows XP (x86) SP3 is installed" definition_ref="oval:org.mitre.oval:def:5631"/>
+            <extend_definition comment="Microsoft Windows XP Professional x64 Edition SP1 is installed" definition_ref="oval:org.mitre.oval:def:720"/>
+            <extend_definition comment="Microsoft Windows XP x64 Edition SP2 is installed" definition_ref="oval:org.mitre.oval:def:4193"/>
+          </criteria>
+          <extend_definition comment="Microsoft Internet Explorer 7 is installed" definition_ref="oval:org.mitre.oval:def:627"/>
+          <criterion comment="Mshtml.dll version is greater than 7.0.6000.16000" test_ref="oval:org.mitre.oval:tst:9392"/>
+          <criterion comment="Mshtml.dll version is less than 7.0.6000.16825" test_ref="oval:org.mitre.oval:tst:9976"/>
+        </criteria>
+        <criteria operator="AND">
+          <criteria operator="OR">
+            <extend_definition comment="Microsoft Windows XP (x86) SP2 is installed" definition_ref="oval:org.mitre.oval:def:754"/>
+            <extend_definition comment="Microsoft Windows XP (x86) SP3 is installed" definition_ref="oval:org.mitre.oval:def:5631"/>
+            <extend_definition comment="Microsoft Windows XP Professional x64 Edition SP1 is installed" definition_ref="oval:org.mitre.oval:def:720"/>
+            <extend_definition comment="Microsoft Windows XP x64 Edition SP2 is installed" definition_ref="oval:org.mitre.oval:def:4193"/>
+          </criteria>
+          <extend_definition comment="Microsoft Internet Explorer 7 is installed" definition_ref="oval:org.mitre.oval:def:627"/>
+          <criterion comment="Mshtml.dll version is greater than 7.0.6000.20000" test_ref="oval:org.mitre.oval:tst:9441"/>
+          <criterion comment="Mshtml.dll version is less than 7.0.6000.21015" test_ref="oval:org.mitre.oval:tst:9705"/>
+        </criteria>
+        <criteria operator="AND">
+          <criteria operator="OR">
+            <extend_definition comment="Microsoft Windows Server 2003 SP1 (x86) is installed" definition_ref="oval:org.mitre.oval:def:565"/>
+            <extend_definition comment="Microsoft Windows Server 2003 SP2 (x86) is installed" definition_ref="oval:org.mitre.oval:def:1935"/>
+            <extend_definition comment="Microsoft Windows Server 2003 SP1 (x64) is installed" definition_ref="oval:org.mitre.oval:def:4386"/>
+            <extend_definition comment="Microsoft Windows Server 2003 SP2 (x64) is installed" definition_ref="oval:org.mitre.oval:def:2161"/>
+            <extend_definition comment="Microsoft Windows Server 2003 (ia64) SP1 is installed" definition_ref="oval:org.mitre.oval:def:1205"/>
+            <extend_definition comment="Microsoft Windows Server 2003 (ia64) SP2 is installed" definition_ref="oval:org.mitre.oval:def:1442"/>
+          </criteria>
+          <extend_definition comment="Microsoft Internet Explorer 7 is installed" definition_ref="oval:org.mitre.oval:def:627"/>
+          <criterion comment="Mshtml.dll version is greater than 7.0.6000.16000" test_ref="oval:org.mitre.oval:tst:9392"/>
+          <criterion comment="Mshtml.dll version is less than 7.0.6000.16825" test_ref="oval:org.mitre.oval:tst:9976"/>
+        </criteria>
+        <criteria operator="AND">
+          <criteria operator="OR">
+            <extend_definition comment="Microsoft Windows Server 2003 SP1 (x86) is installed" definition_ref="oval:org.mitre.oval:def:565"/>
+            <extend_definition comment="Microsoft Windows Server 2003 SP2 (x86) is installed" definition_ref="oval:org.mitre.oval:def:1935"/>
+            <extend_definition comment="Microsoft Windows Server 2003 SP1 (x64) is installed" definition_ref="oval:org.mitre.oval:def:4386"/>
+            <extend_definition comment="Microsoft Windows Server 2003 SP2 (x64) is installed" definition_ref="oval:org.mitre.oval:def:2161"/>
+            <extend_definition comment="Microsoft Windows Server 2003 (ia64) SP1 is installed" definition_ref="oval:org.mitre.oval:def:1205"/>
+            <extend_definition comment="Microsoft Windows Server 2003 (ia64) SP2 is installed" definition_ref="oval:org.mitre.oval:def:1442"/>
+          </criteria>
+          <extend_definition comment="Microsoft Internet Explorer 7 is installed" definition_ref="oval:org.mitre.oval:def:627"/>
+          <criterion comment="Mshtml.dll version is greater than 7.0.6000.20000" test_ref="oval:org.mitre.oval:tst:9441"/>
+          <criterion comment="Mshtml.dll version is less than 7.0.6000.21015" test_ref="oval:org.mitre.oval:tst:9705"/>
+        </criteria>
+        <criteria operator="AND">
+          <criteria operator="OR">
+            <extend_definition comment="Microsoft Windows Vista (32-bit) is installed" definition_ref="oval:org.mitre.oval:def:1282"/>
+            <extend_definition comment="Microsoft Windows Vista x64 Edition is installed" definition_ref="oval:org.mitre.oval:def:2041"/>
+          </criteria>
+          <criterion comment="Mshtml.dll version is greater than 7.0.6000.16000" test_ref="oval:org.mitre.oval:tst:9392"/>
+          <criterion comment="Mshtml.dll version is less than 7.0.6000.16830" test_ref="oval:org.mitre.oval:tst:9688"/>
+        </criteria>
+        <criteria operator="AND">
+          <criteria operator="OR">
+            <extend_definition comment="Microsoft Windows Vista (32-bit) is installed" definition_ref="oval:org.mitre.oval:def:1282"/>
+            <extend_definition comment="Microsoft Windows Vista x64 Edition is installed" definition_ref="oval:org.mitre.oval:def:2041"/>
+          </criteria>
+          <criterion comment="Mshtml.dll version is greater than 7.0.6000.20000" test_ref="oval:org.mitre.oval:tst:9441"/>
+          <criterion comment="Mshtml.dll version is less than 7.0.6000.21023" test_ref="oval:org.mitre.oval:tst:10115"/>
+        </criteria>
+        <criteria operator="AND">
+          <criteria operator="OR">
+            <extend_definition comment="Microsoft Windows Vista (32-bit) Service Pack 1 is installed" definition_ref="oval:org.mitre.oval:def:4873"/>
+            <extend_definition comment="Microsoft Windows Vista x64 Edition Service Pack 1 is installed" definition_ref="oval:org.mitre.oval:def:5254"/>
+            <extend_definition comment="Microsoft Windows Server 2008 (32-bit) is installed" definition_ref="oval:org.mitre.oval:def:4870"/>
+            <extend_definition comment="Microsoft Windows Server 2008 x64 Edition is installed" definition_ref="oval:org.mitre.oval:def:5356"/>
+            <extend_definition comment="Microsoft Windows Server 2008 Itanium-Based Edition is installed" definition_ref="oval:org.mitre.oval:def:5667"/>
+          </criteria>
+          <criterion comment="Mshtml.dll version is greater than 7.0.6001.16000" test_ref="oval:org.mitre.oval:tst:9444"/>
+          <criterion comment="Mshtml.dll version is less than 7.0.6001.18226" test_ref="oval:org.mitre.oval:tst:10150"/>
+        </criteria>
+        <criteria operator="AND">
+          <criteria operator="OR">
+            <extend_definition comment="Microsoft Windows Vista (32-bit) Service Pack 1 is installed" definition_ref="oval:org.mitre.oval:def:4873"/>
+            <extend_definition comment="Microsoft Windows Vista x64 Edition Service Pack 1 is installed" definition_ref="oval:org.mitre.oval:def:5254"/>
+            <extend_definition comment="Microsoft Windows Server 2008 (32-bit) is installed" definition_ref="oval:org.mitre.oval:def:4870"/>
+            <extend_definition comment="Microsoft Windows Server 2008 x64 Edition is installed" definition_ref="oval:org.mitre.oval:def:5356"/>
+            <extend_definition comment="Microsoft Windows Server 2008 Itanium-Based Edition is installed" definition_ref="oval:org.mitre.oval:def:5667"/>
+          </criteria>
+          <criterion comment="Mshtml.dll version is greater than 7.0.6001.20000" test_ref="oval:org.mitre.oval:tst:9375"/>
+          <criterion comment="Mshtml.dll version is less than 7.0.6001.22389" test_ref="oval:org.mitre.oval:tst:10005"/>
+        </criteria>
+      </criteria>
+    </definition>
+    <definition id="oval:org.mitre.oval:def:6193" version="0" class="vulnerability">
+      <metadata>
+        <title>Windows WMI Service Isolation Vulnerability</title>
+        <affected family="windows">
+          <platform>Microsoft Windows XP</platform>
+          <platform>Microsoft Windows Server 2003</platform>
+          <platform>Microsoft Windows Vista</platform>
+          <platform>Microsoft Windows Server 2008</platform>
+        </affected>
+        <reference source="CVE" ref_id="CVE-2009-0078" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0078"/>
+        <reference source="Microsoft" ref_id="MS09-012" ref_url="http://www.microsoft.com/technet/security/bulletin/MS09-012.mspx"/>
+        <description>The Windows Management Instrumentation (WMI) provider in Microsoft Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 does not properly implement isolation among a set of distinct processes that (1) all run under the NetworkService account or (2) all run under the LocalService account, which allows local users to gain privileges by accessing the resources of one of the processes, aka "Windows WMI Service Isolation Vulnerability."</description>
+        <oval_repository>
+          <dates>
+            <submitted date="2009-04-14T16:00:00">
+              <contributor organization="Gideon Technologies, Inc.">Dragos Prisaca</contributor>
+            </submitted>
+            <status_change date="2009-04-17T16:44:53.307-04:00">DRAFT</status_change>
+            <status_change date="2009-05-04T04:00:36.077-04:00">INTERIM</status_change>
+          </dates>
+          <status>INTERIM</status>
+        </oval_repository>
+      </metadata>
+      <criteria operator="OR">
+        <criteria operator="AND">
+          <extend_definition comment="Microsoft Windows XP (x86) SP2 is installed" definition_ref="oval:org.mitre.oval:def:754"/>
+          <criterion comment="the version of Msdtcprx.dll is less than 2001.12.4414.320" test_ref="oval:org.mitre.oval:tst:9953"/>
+        </criteria>
+        <criteria operator="AND">
+          <extend_definition comment="Microsoft Windows XP (x86) SP3 is installed" definition_ref="oval:org.mitre.oval:def:5631"/>
+          <criterion comment="the version of Msdtcprx.dll is less than 2001.12.4414.706" test_ref="oval:org.mitre.oval:tst:9475"/>
+        </criteria>
+        <criteria operator="AND">
+          <criteria operator="OR">
+            <extend_definition comment="Microsoft Windows XP Professional x64 Edition SP1 is installed" definition_ref="oval:org.mitre.oval:def:720"/>
+            <extend_definition comment="Microsoft Windows Server 2003 SP1 (x64) is installed" definition_ref="oval:org.mitre.oval:def:4386"/>
+            <extend_definition comment="Microsoft Windows Server 2003 SP1 (x86) is installed" definition_ref="oval:org.mitre.oval:def:565"/>
+            <extend_definition comment="Microsoft Windows Server 2003 (ia64) SP1 is installed" definition_ref="oval:org.mitre.oval:def:1205"/>
+          </criteria>
+          <criterion comment="the version of Msdtcprx.dll is less than 2001.12.4720.3180" test_ref="oval:org.mitre.oval:tst:9983"/>
+        </criteria>
+        <criteria operator="AND">
+          <criteria operator="OR">
+            <extend_definition comment="Microsoft Windows Server 2003 SP2 (x64) is installed" definition_ref="oval:org.mitre.oval:def:2161"/>
+            <extend_definition comment="Microsoft Windows XP x64 Edition SP2 is installed" definition_ref="oval:org.mitre.oval:def:4193"/>
+            <extend_definition comment="Microsoft Windows Server 2003 SP2 (x86) is installed" definition_ref="oval:org.mitre.oval:def:1935"/>
+            <extend_definition comment="Microsoft Windows Server 2003 (ia64) SP2 is installed" definition_ref="oval:org.mitre.oval:def:1442"/>
+          </criteria>
+          <criterion comment="the version of Msdtcprx.dll is less than 2001.12.4720.4340" test_ref="oval:org.mitre.oval:tst:9752"/>
+        </criteria>
+        <criteria operator="AND">
+          <criteria operator="OR">
+            <extend_definition comment="Microsoft Windows Vista (32-bit) is installed" definition_ref="oval:org.mitre.oval:def:1282"/>
+            <extend_definition comment="Microsoft Windows Vista x64 Edition is installed" definition_ref="oval:org.mitre.oval:def:2041"/>
+          </criteria>
+          <criterion comment="the version of Msdtcprx.dll is less than 2001.12.6930.16697" test_ref="oval:org.mitre.oval:tst:9750"/>
+        </criteria>
+        <criteria operator="AND">
+          <criteria operator="OR">
+            <extend_definition comment="Microsoft Windows Vista (32-bit) Service Pack 1 is installed" definition_ref="oval:org.mitre.oval:def:4873"/>
+            <extend_definition comment="Microsoft Windows Vista x64 Edition Service Pack 1 is installed" definition_ref="oval:org.mitre.oval:def:5254"/>
+            <extend_definition comment="Microsoft Windows Server 2008 (32-bit) is installed" definition_ref="oval:org.mitre.oval:def:4870"/>
+            <extend_definition comment="Microsoft Windows Server 2008 x64 Edition is installed" definition_ref="oval:org.mitre.oval:def:5356"/>
+          </criteria>
+          <criterion comment="the version of Msdtcprx.dll is less than 2001.12.6931.18085" test_ref="oval:org.mitre.oval:tst:9824"/>
+        </criteria>
+      </criteria>
+    </definition>
+    <definition id="oval:org.mitre.oval:def:6177" version="0" class="vulnerability">
+      <metadata>
+        <title>Windows Thread Pool ACL Weakness Vulnerability</title>
+        <affected family="windows">
+          <platform>Microsoft Windows Vista</platform>
+          <platform>Microsoft Windows Server 2008</platform>
+        </affected>
+        <reference source="CVE" ref_id="CVE-2009-0080" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0080"/>
+        <reference source="Microsoft" ref_id="MS09-012" ref_url="http://www.microsoft.com/technet/security/bulletin/MS09-012.mspx"/>
+        <description>The ThreadPool class in Windows Vista Gold and SP1, and Server 2008, does not properly implement isolation among a set of distinct processes that (1) all run under the NetworkService account or (2) all run under the LocalService account, which allows local users to gain privileges by leveraging incorrect thread ACLs to access the resources of one of the processes, aka "Windows Thread Pool ACL Weakness Vulnerability."</description>
+        <oval_repository>
+          <dates>
+            <submitted date="2009-04-14T16:00:00">
+              <contributor organization="Gideon Technologies, Inc.">Dragos Prisaca</contributor>
+            </submitted>
+            <status_change date="2009-04-17T16:44:53.967-04:00">DRAFT</status_change>
+            <status_change date="2009-05-04T04:00:35.470-04:00">INTERIM</status_change>
+          </dates>
+          <status>INTERIM</status>
+        </oval_repository>
+      </metadata>
+      <criteria operator="OR">
+        <criteria operator="AND">
+          <criteria operator="OR">
+            <extend_definition comment="Microsoft Windows Vista (32-bit) is installed" definition_ref="oval:org.mitre.oval:def:1282"/>
+            <extend_definition comment="Microsoft Windows Vista x64 Edition is installed" definition_ref="oval:org.mitre.oval:def:2041"/>
+          </criteria>
+          <criterion comment="the version of Msdtcprx.dll is less than 2001.12.6930.16697" test_ref="oval:org.mitre.oval:tst:9750"/>
+        </criteria>
+        <criteria operator="AND">
+          <criteria operator="OR">
+            <extend_definition comment="Microsoft Windows Vista (32-bit) Service Pack 1 is installed" definition_ref="oval:org.mitre.oval:def:4873"/>
+            <extend_definition comment="Microsoft Windows Vista x64 Edition Service Pack 1 is installed" definition_ref="oval:org.mitre.oval:def:5254"/>
+            <extend_definition comment="Microsoft Windows Server 2008 (32-bit) is installed" definition_ref="oval:org.mitre.oval:def:4870"/>
+            <extend_definition comment="Microsoft Windows Server 2008 x64 Edition is installed" definition_ref="oval:org.mitre.oval:def:5356"/>
+          </criteria>
+          <criterion comment="the version of Msdtcprx.dll is less than 2001.12.6931.18085" test_ref="oval:org.mitre.oval:tst:9824"/>
+        </criteria>
+      </criteria>
+    </definition>
+    <definition id="oval:org.mitre.oval:def:6164" version="0" class="vulnerability">
+      <metadata>
+        <title>Page Transition Memory Corruption Vulnerability</title>
+        <affected family="windows">
+          <platform>Microsoft Windows 2000</platform>
+          <platform>Microsoft Windows XP</platform>
+          <platform>Microsoft Windows Server 2003</platform>
+          <platform>Microsoft Windows Vista</platform>
+          <platform>Microsoft Windows Server 2008</platform>
+          <product>Internet Explorer</product>
+        </affected>
+        <reference source="CVE" ref_id="CVE-2009-0551" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0551"/>
+        <reference source="Microsoft" ref_id="MS09-014" ref_url="http://www.microsoft.com/technet/security/bulletin/MS09-014.mspx"/>
+        <description>Microsoft Internet Explorer 6 SP1, 6 and 7 on Windows XP SP2 and SP3, 6 and 7 on Windows Server 2003 SP1 and SP2, 7 on Windows Vista Gold and SP1, and 7 on Windows Server 2008 does not properly handle transition errors in a request for one HTTP document followed by a request for a second HTTP document, which allows remote attackers to execute arbitrary code via vectors involving (1) multiple crafted pages on a web site or (2) a web page with crafted inline content such as banner advertisements, aka "Page Transition Memory Corruption Vulnerability."</description>
+        <oval_repository>
+          <dates>
+            <submitted date="2009-04-14T16:00:00">
+              <contributor organization="Gideon Technologies, Inc.">Dragos Prisaca</contributor>
+            </submitted>
+            <status_change date="2009-04-17T16:44:54.291-04:00">DRAFT</status_change>
+            <status_change date="2009-05-04T04:00:34.414-04:00">INTERIM</status_change>
+          </dates>
+          <status>INTERIM</status>
+        </oval_repository>
+      </metadata>
+      <criteria operator="OR">
+        <criteria operator="AND">
+          <extend_definition comment="Microsoft Windows 2000 SP4 or later is installed" definition_ref="oval:org.mitre.oval:def:229"/>
+          <extend_definition comment="Microsoft Internet Explorer 6 is installed" definition_ref="oval:org.mitre.oval:def:563"/>
+          <criterion comment="Mshtml.dll version is less than 6.0.2800.1625" test_ref="oval:org.mitre.oval:tst:9684"/>
+        </criteria>
+        <criteria operator="AND">
+          <extend_definition comment="Microsoft Windows XP SP2 is installed" definition_ref="oval:org.mitre.oval:def:521"/>
+          <extend_definition comment="Microsoft Internet Explorer 6 is installed" definition_ref="oval:org.mitre.oval:def:563"/>
+          <criterion comment="Mshtml.dll version is less than 6.0.2900.3527" test_ref="oval:org.mitre.oval:tst:9744"/>
+        </criteria>
+        <criteria operator="AND">
+          <extend_definition comment="Microsoft Windows XP (x86) SP3 is installed" definition_ref="oval:org.mitre.oval:def:5631"/>
+          <extend_definition comment="Microsoft Internet Explorer 6 is installed" definition_ref="oval:org.mitre.oval:def:563"/>
+          <criterion comment="Mshtml.dll version is less than 6.0.2900.5764" test_ref="oval:org.mitre.oval:tst:9622"/>
+        </criteria>
+        <criteria operator="AND">
+          <extend_definition comment="Microsoft Windows Server 2003 SP1 (x86) is installed" definition_ref="oval:org.mitre.oval:def:565"/>
+          <extend_definition comment="Microsoft Internet Explorer 6 is installed" definition_ref="oval:org.mitre.oval:def:563"/>
+          <criterion comment="Mshtml.dll version is less than 6.0.3790.3304" test_ref="oval:org.mitre.oval:tst:9395"/>
+        </criteria>
+        <criteria operator="AND">
+          <extend_definition comment="Microsoft Windows Server 2003 SP2 (x86) is installed" definition_ref="oval:org.mitre.oval:def:1935"/>
+          <extend_definition comment="Microsoft Internet Explorer 6 is installed" definition_ref="oval:org.mitre.oval:def:563"/>
+          <criterion comment="Mshtml.dll version is less than 6.0.3790.4470" test_ref="oval:org.mitre.oval:tst:9788"/>
+        </criteria>
+        <criteria operator="AND">
+          <criteria operator="OR">
+            <extend_definition comment="Microsoft Windows XP Professional x64 Edition SP1 is installed" definition_ref="oval:org.mitre.oval:def:720"/>
+            <extend_definition comment="Microsoft Windows Server 2003 SP1 (x64) is installed" definition_ref="oval:org.mitre.oval:def:4386"/>
+          </criteria>
+          <extend_definition comment="Microsoft Internet Explorer 6 is installed" definition_ref="oval:org.mitre.oval:def:563"/>
+          <criterion comment="Mshtml.dll version is less than 6.0.3790.3304" test_ref="oval:org.mitre.oval:tst:9395"/>
+        </criteria>
+        <criteria operator="AND">
+          <criteria operator="OR">
+            <extend_definition comment="Microsoft Windows XP x64 Edition SP2 is installed" definition_ref="oval:org.mitre.oval:def:4193"/>
+            <extend_definition comment="Microsoft Windows Server 2003 SP2 (x64) is installed" definition_ref="oval:org.mitre.oval:def:2161"/>
+          </criteria>
+          <extend_definition comment="Microsoft Internet Explorer 6 is installed" definition_ref="oval:org.mitre.oval:def:563"/>
+          <criterion comment="Mshtml.dll version is less than 6.0.3790.4470" test_ref="oval:org.mitre.oval:tst:9788"/>
+        </criteria>
+        <criteria operator="AND">
+          <extend_definition comment="Microsoft Windows Server 2003 (ia64) SP1 is installed" definition_ref="oval:org.mitre.oval:def:1205"/>
+          <extend_definition comment="Microsoft Internet Explorer 6 is installed" definition_ref="oval:org.mitre.oval:def:563"/>
+          <criterion comment="Mshtml.dll version is less than 6.0.3790.3304" test_ref="oval:org.mitre.oval:tst:9395"/>
+        </criteria>
+        <criteria operator="AND">
+          <extend_definition comment="Microsoft Windows Server 2003 (ia64) SP2 is installed" definition_ref="oval:org.mitre.oval:def:1442"/>
+          <extend_definition comment="Microsoft Internet Explorer 6 is installed" definition_ref="oval:org.mitre.oval:def:563"/>
+          <criterion comment="Mshtml.dll version is less than 6.0.3790.4470" test_ref="oval:org.mitre.oval:tst:9788"/>
+        </criteria>
+        <criteria operator="AND">
+          <criteria operator="OR">
+            <extend_definition comment="Microsoft Windows XP (x86) SP2 is installed" definition_ref="oval:org.mitre.oval:def:754"/>
+            <extend_definition comment="Microsoft Windows XP (x86) SP3 is installed" definition_ref="oval:org.mitre.oval:def:5631"/>
+            <extend_definition comment="Microsoft Windows XP Professional x64 Edition SP1 is installed" definition_ref="oval:org.mitre.oval:def:720"/>
+            <extend_definition comment="Microsoft Windows XP x64 Edition SP2 is installed" definition_ref="oval:org.mitre.oval:def:4193"/>
+          </criteria>
+          <extend_definition comment="Microsoft Internet Explorer 7 is installed" definition_ref="oval:org.mitre.oval:def:627"/>
+          <criterion comment="Mshtml.dll version is greater than 7.0.6000.16000" test_ref="oval:org.mitre.oval:tst:9392"/>
+          <criterion comment="Mshtml.dll version is less than 7.0.6000.16825" test_ref="oval:org.mitre.oval:tst:9976"/>
+        </criteria>
+        <criteria operator="AND">
+          <criteria operator="OR">
+            <extend_definition comment="Microsoft Windows XP (x86) SP2 is installed" definition_ref="oval:org.mitre.oval:def:754"/>
+            <extend_definition comment="Microsoft Windows XP (x86) SP3 is installed" definition_ref="oval:org.mitre.oval:def:5631"/>
+            <extend_definition comment="Microsoft Windows XP Professional x64 Edition SP1 is installed" definition_ref="oval:org.mitre.oval:def:720"/>
+            <extend_definition comment="Microsoft Windows XP x64 Edition SP2 is installed" definition_ref="oval:org.mitre.oval:def:4193"/>
+          </criteria>
+          <extend_definition comment="Microsoft Internet Explorer 7 is installed" definition_ref="oval:org.mitre.oval:def:627"/>
+          <criterion comment="Mshtml.dll version is greater than 7.0.6000.20000" test_ref="oval:org.mitre.oval:tst:9441"/>
+          <criterion comment="Mshtml.dll version is less than 7.0.6000.21015" test_ref="oval:org.mitre.oval:tst:9705"/>
+        </criteria>
+        <criteria operator="AND">
+          <criteria operator="OR">
+            <extend_definition comment="Microsoft Windows Server 2003 SP1 (x86) is installed" definition_ref="oval:org.mitre.oval:def:565"/>
+            <extend_definition comment="Microsoft Windows Server 2003 SP2 (x86) is installed" definition_ref="oval:org.mitre.oval:def:1935"/>
+            <extend_definition comment="Microsoft Windows Server 2003 SP1 (x64) is installed" definition_ref="oval:org.mitre.oval:def:4386"/>
+            <extend_definition comment="Microsoft Windows Server 2003 SP2 (x64) is installed" definition_ref="oval:org.mitre.oval:def:2161"/>
+            <extend_definition comment="Microsoft Windows Server 2003 (ia64) SP1 is installed" definition_ref="oval:org.mitre.oval:def:1205"/>
+            <extend_definition comment="Microsoft Windows Server 2003 (ia64) SP2 is installed" definition_ref="oval:org.mitre.oval:def:1442"/>
+          </criteria>
+          <extend_definition comment="Microsoft Internet Explorer 7 is installed" definition_ref="oval:org.mitre.oval:def:627"/>
+          <criterion comment="Mshtml.dll version is greater than 7.0.6000.16000" test_ref="oval:org.mitre.oval:tst:9392"/>
+          <criterion comment="Mshtml.dll version is less than 7.0.6000.16825" test_ref="oval:org.mitre.oval:tst:9976"/>
+        </criteria>
+        <criteria operator="AND">
+          <criteria operator="OR">
+            <extend_definition comment="Microsoft Windows Server 2003 SP1 (x86) is installed" definition_ref="oval:org.mitre.oval:def:565"/>
+            <extend_definition comment="Microsoft Windows Server 2003 SP2 (x86) is installed" definition_ref="oval:org.mitre.oval:def:1935"/>
+            <extend_definition comment="Microsoft Windows Server 2003 SP1 (x64) is installed" definition_ref="oval:org.mitre.oval:def:4386"/>
+            <extend_definition comment="Microsoft Windows Server 2003 SP2 (x64) is installed" definition_ref="oval:org.mitre.oval:def:2161"/>
+            <extend_definition comment="Microsoft Windows Server 2003 (ia64) SP1 is installed" definition_ref="oval:org.mitre.oval:def:1205"/>
+            <extend_definition comment="Microsoft Windows Server 2003 (ia64) SP2 is installed" definition_ref="oval:org.mitre.oval:def:1442"/>
+          </criteria>
+          <extend_definition comment="Microsoft Internet Explorer 7 is installed" definition_ref="oval:org.mitre.oval:def:627"/>
+          <criterion comment="Mshtml.dll version is greater than 7.0.6000.20000" test_ref="oval:org.mitre.oval:tst:9441"/>
+          <criterion comment="Mshtml.dll version is less than 7.0.6000.21015" test_ref="oval:org.mitre.oval:tst:9705"/>
+        </criteria>
+        <criteria operator="AND">
+          <criteria operator="OR">
+            <extend_definition comment="Microsoft Windows Vista (32-bit) is installed" definition_ref="oval:org.mitre.oval:def:1282"/>
+            <extend_definition comment="Microsoft Windows Vista x64 Edition is installed" definition_ref="oval:org.mitre.oval:def:2041"/>
+          </criteria>
+          <criterion comment="Mshtml.dll version is greater than 7.0.6000.16000" test_ref="oval:org.mitre.oval:tst:9392"/>
+          <criterion comment="Mshtml.dll version is less than 7.0.6000.16830" test_ref="oval:org.mitre.oval:tst:9688"/>
+        </criteria>
+        <criteria operator="AND">
+          <criteria operator="OR">
+            <extend_definition comment="Microsoft Windows Vista (32-bit) is installed" definition_ref="oval:org.mitre.oval:def:1282"/>
+            <extend_definition comment="Microsoft Windows Vista x64 Edition is installed" definition_ref="oval:org.mitre.oval:def:2041"/>
+          </criteria>
+          <criterion comment="Mshtml.dll version is greater than 7.0.6000.20000" test_ref="oval:org.mitre.oval:tst:9441"/>
+          <criterion comment="Mshtml.dll version is less than 7.0.6000.21023" test_ref="oval:org.mitre.oval:tst:10115"/>
+        </criteria>
+        <criteria operator="AND">
+          <criteria operator="OR">
+            <extend_definition comment="Microsoft Windows Vista (32-bit) Service Pack 1 is installed" definition_ref="oval:org.mitre.oval:def:4873"/>
+            <extend_definition comment="Microsoft Windows Vista x64 Edition Service Pack 1 is installed" definition_ref="oval:org.mitre.oval:def:5254"/>
+            <extend_definition comment="Microsoft Windows Server 2008 (32-bit) is installed" definition_ref="oval:org.mitre.oval:def:4870"/>
+            <extend_definition comment="Microsoft Windows Server 2008 x64 Edition is installed" definition_ref="oval:org.mitre.oval:def:5356"/>
+            <extend_definition comment="Microsoft Windows Server 2008 Itanium-Based Edition is installed" definition_ref="oval:org.mitre.oval:def:5667"/>
+          </criteria>
+          <criterion comment="Mshtml.dll version is greater than 7.0.6001.16000" test_ref="oval:org.mitre.oval:tst:9444"/>
+          <criterion comment="Mshtml.dll version is less than 7.0.6001.18226" test_ref="oval:org.mitre.oval:tst:10150"/>
+        </criteria>
+        <criteria operator="AND">
+          <criteria operator="OR">
+            <extend_definition comment="Microsoft Windows Vista (32-bit) Service Pack 1 is installed" definition_ref="oval:org.mitre.oval:def:4873"/>
+            <extend_definition comment="Microsoft Windows Vista x64 Edition Service Pack 1 is installed" definition_ref="oval:org.mitre.oval:def:5254"/>
+            <extend_definition comment="Microsoft Windows Server 2008 (32-bit) is installed" definition_ref="oval:org.mitre.oval:def:4870"/>
+            <extend_definition comment="Microsoft Windows Server 2008 x64 Edition is installed" definition_ref="oval:org.mitre.oval:def:5356"/>
+            <extend_definition comment="Microsoft Windows Server 2008 Itanium-Based Edition is installed" definition_ref="oval:org.mitre.oval:def:5667"/>
+          </criteria>
+          <criterion comment="Mshtml.dll version is greater than 7.0.6001.20000" test_ref="oval:org.mitre.oval:tst:9375"/>
+          <criterion comment="Mshtml.dll version is less than 7.0.6001.22389" test_ref="oval:org.mitre.oval:tst:10005"/>
+        </criteria>
+      </criteria>
+    </definition>
+    <definition id="oval:org.mitre.oval:def:6149" version="0" class="vulnerability">
+      <metadata>
+        <title>Windows HTTP Services Integer Underflow Vulnerability (CVE-2009-0086)</title>
+        <affected family="windows">
+          <platform>Microsoft Windows 2000</platform>
+          <platform>Microsoft Windows XP</platform>
+          <platform>Microsoft Windows Server 2003</platform>
+          <platform>Microsoft Windows Vista</platform>
+          <platform>Microsoft Windows Server 2008</platform>
+        </affected>
+        <reference source="CVE" ref_id="CVE-2009-0086" ref_url="http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0086"/>
+        <reference source="Microsoft" ref_id="MS09-013" ref_url="http://www.microsoft.com/technet/security/bulletin/MS09-013.mspx"/>
+        <description>Integer underflow in Windows HTTP Services (aka WinHTTP) in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows remote HTTP servers to execute arbitrary code via crafted parameter values in a response, related to error handling, aka "Windows HTTP Services Integer Underflow Vulnerability."</description>
+        <oval_repository>
+          <dates>
+            <submitted date="2009-04-14T16:00:00">
+              <contributor organization="Gideon Technologies, Inc.">Kyle Key</contributor>
+            </submitted>
+            <status_change date="2009-04-17T16:44:57.184-04:00">DRAFT</status_change>
+            <status_change date="2009-05-04T04:00:32.655-04:00">INTERIM</status_change>
+          </dates>
+          <status>INTERIM</status>
+        </oval_repository>
+      </metadata>
+      <criteria operator="OR">
+        <criteria operator="AND" comment="winhttp.dll version 5.1.2600.3490 or later on Windows 2000 sp4">
+          <extend_definition comment="Microsoft Windows 2000 SP4 or later is installed" definition_ref="oval:org.mitre.oval:def:229"/>
+          <criterion comment="system32\winhttp.dll version less than 5.1.2600.3490" test_ref="oval:org.mitre.oval:tst:9822"/>
+        </criteria>
+        <criteria operator="AND" comment="winhttp.dll versin 5.1.2600.3494 or later on windows xp sp2 x86">
+          <extend_definition comment="Microsoft Windows XP (x86) SP2 is installed" definition_ref="oval:org.mitre.oval:def:754"/>
+          <criterion comment="system32\winhttp.dll version less than 5.1.2600.3494" test_ref="oval:org.mitre.oval:tst:9877"/>
+        </criteria>
+        <criteria operator="AND" comment="winhttp.dll versin 5.1.2600.5727 or later on windows xp sp3 x86">
+          <extend_definition comment="Microsoft Windows XP (x86) SP3 is installed" definition_ref="oval:org.mitre.oval:def:5631"/>
+          <criterion comment="system32\winhttp.dll version less than 5.1.2600.5727" test_ref="oval:org.mitre.oval:tst:9540"/>
+        </criteria>
+        <criteria operator="AND" comment="winhttp.dll versin 5.2.3790.3262 or later on windows xp sp1 x64">
+          <extend_definition comment="Microsoft Windows XP SP1 (64-bit) is installed" definition_ref="oval:org.mitre.oval:def:480"/>
+          <criterion comment="system32\winhttp.dll version less than 5.2.3790.3262" test_ref="oval:org.mitre.oval:tst:9795"/>
+        </criteria>
+        <criteria operator="AND" comment="winhttp.dll versin 5.2.3790.4427 or later on windows xp sp2 x64">
+          <extend_definition comment="Microsoft Windows XP x64 Edition SP2 is installed" definition_ref="oval:org.mitre.oval:def:4193"/>
+          <criterion comment="system32\winhttp.dll version less than 5.2.3790.4427" test_ref="oval:org.mitre.oval:tst:9649"/>
+        </criteria>
+        <criteria operator="AND" comment="winhttp.dll versin 5.2.3790.3262 or later on windows server 2003 sp1 (x86)(x64)(ia64)">
+          <criteria operator="OR">
+            <extend_definition comment="Microsoft Windows Server 2003 SP1 (x86) is installed" definition_ref="oval:org.mitre.oval:def:565"/>
+            <extend_definition comment="Microsoft Windows Server 2003 SP1 (x64) is installed" definition_ref="oval:org.mitre.oval:def:4386"/>
+            <extend_definition comment="Microsoft Windows Server 2003 (ia64) SP1 is installed" definition_ref="oval:org.mitre.oval:def:1205"/>
+          </criteria>
+          <criterion comment="Winsxs\winhttp.dll version less than 5.2.3790.3262" test_ref="oval:org.mitre.oval:tst:9580"/>
+        </criteria>
+        <criteria operator="AND" comment="winhttp.dll versin 5.2.3790.4427 or later on windows server 2003 sp2 (x86)(x64)(ia64)">
+          <criteria operator="OR">
+            <extend_definition comment="Microsoft Windows Server 2003 SP2 (x86) is installed" definition_ref="oval:org.mitre.oval:def:1935"/>
+            <extend_definition comment="Microsoft Windows Server 2003 SP2 (x64) is installed" definition_ref="oval:org.mitre.oval:def:2161"/>
+            <extend_definition comment="Microsoft Windows Server 2003 (ia64) SP2 is installed" definition_ref="oval:org.mitre.oval:def:1442"/>
+          </criteria>
+          <criterion comment="Winsxs\winhttp.dll version less than 5.2.3790.4427" test_ref="oval:org.mitre.oval:tst:9985"/>
+        </criteria>
+        <criteria operator="AND" comment="winhttp.dll versin 6.0.6000.16786 or later on windows vista GDR (x86)(x64)">
+          <criteria operator="OR">
+            <extend_definition comment="Microsoft Windows Vista (32-bit) is installed" definition_ref="oval:org.mitre.oval:def:1282"/>
+            <extend_definition comment="Microsoft Windows Vista x64 Edition is installed" definition_ref="oval:org.mitre.oval:def:2041"/>
+          </criteria>
+          <criterion comment="system32\winhttp.dll version greater than or equal 6.0.6000.16000" test_ref="oval:org.mitre.oval:tst:9951"/>
+          <criterion comment="system32\winhttp.dll version less than 6.0.6000.16786" test_ref="oval:org.mitre.oval:tst:9981"/>
+        </criteria>
+        <criteria operator="AND" comment="winhttp.dll versin 6.0.6000.20971 or later on windows vista LDR (x86)(x64)">
+          <criteria operator="OR">
+            <extend_definition comment="Microsoft Windows Vista (32-bit) is installed" definition_ref="oval:org.mitre.oval:def:1282"/>
+            <extend_definition comment="Microsoft Windows Vista x64 Edition is installed" definition_ref="oval:org.mitre.oval:def:2041"/>
+          </criteria>
+          <criterion comment="system32\winhttp.dll version greater than or equal 6.0.6000.20000" test_ref="oval:org.mitre.oval:tst:9442"/>
+          <criterion comment="system32\winhttp.dll version less than 6.0.6000.20971" test_ref="oval:org.mitre.oval:tst:9594"/>
+        </criteria>
+        <criteria operator="AND" comment="winhttp.dll versin 6.0.6001.18178 or later on windows server 2008 sp1 GDR (x86)(x64)(ia64) and windows vista sp1 GDR (x86)(x64)">
+          <criteria operator="OR">
+            <extend_definition comment="Microsoft Windows Vista (32-bit) Service Pack 1 is installed" definition_ref="oval:org.mitre.oval:def:4873"/>
+            <extend_definition comment="Microsoft Windows Vista x64 Edition Service Pack 1 is installed" definition_ref="oval:org.mitre.oval:def:5254"/>
+            <extend_definition comment="Microsoft Windows Server 2008 (32-bit) is installed" definition_ref="oval:org.mitre.oval:def:4870"/>
+            <extend_definition comment="Microsoft Windows Server 2008 x64 Edition is installed" definition_ref="oval:org.mitre.oval:def:5356"/>
+            <extend_definition comment="Microsoft Windows Server 2008 Itanium-Based Edition is installed" definition_ref="oval:org.mitre.oval:def:5667"/>
+          </criteria>
+          <criterion comment="system32\winhttp.dll version greater than or equal 6.0.6001.18000" test_ref="oval:org.mitre.oval:tst:9762"/>
+          <criterion comment="system32\winhttp.dll version less than 6.0.6001.18178" test_ref="oval:org.mitre.oval:tst:9801"/>
+        </criteria>
+        <criteria operator="AND" comment="winhttp.dll versin 6.0.6001.22323 or later on windows server 2008 sp1 LDR (x86)(x64)(ia64) and windows vista sp1 GDR (x86)(x64)">
+          <criteria operator="OR">
+            <extend_definition comment="Microsoft Windows Vista (32-bit) Service Pack 1 is installed" definition_ref="oval:org.mitre.oval:def:4873"/>
+            <extend_definition comment="Microsoft Windows Vista x64 Edition Service Pack 1 is installed" definition_ref="oval:org.mitre.oval:def:5254"/>
+            <extend_definition comment="Microsoft Windows Server 2008 (32-bit) is installed" definition_ref="oval:org.mitre.oval:def:4870"/>
+            <extend_definition comment="Microsoft Windows Server 2008 x64 Edition is installed" definition_ref="oval:org.mitre.oval:def:5356"/>
+            <extend_definition comment="Microsoft Windows Server 2008 Itanium-Based Edition is installed" definition_ref="oval:org.mitre.oval:def:5667"/>
+          </criteria>
+          <criterion comment="system32\winhttp.dll version greater than or equal 6.0.6001.22000" test_ref="oval:org.mitre.oval:tst:9825"/>
+          <criterion comment="system32\winhttp.dll version less than 6.0.6001.22323" test_ref="oval:org.mitre.oval:tst:9119"/>
+        </criteria>
+      </criteria>
+    </definition>
+    <definition id="oval:org.mitre.oval:def:6147" version="0" class="vulnerability">
+      <metadata>
+        <title>Windows RPCSS Service Isolation Vulnerability</title>
+        <affected family="windows">
+          <platform>Microsoft Windows XP</platform>
+          <platform>Microsoft Windows Server 2003</platform>
+        </affected>
+        <reference source="CVE" ref_id="CVE-2009-0079" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0079"/>
+        <reference source="Microsoft" ref_id="MS09-012" ref_url="http://www.microsoft.com/technet/security/bulletin/MS09-012.mspx"/>
+        <description>The RPCSS service in Microsoft Windows XP SP2 and SP3 and Server 2003 SP1 and SP2 does not properly implement isolation among a set of distinct processes that (1) all run under the NetworkService account or (2) all run under the LocalService account, which allows local users to gain privileges by accessing the resources of one of the processes, aka "Windows RPCSS Service Isolation Vulnerability."</description>
+        <oval_repository>
+          <dates>
+            <submitted date="2009-04-14T16:00:00">
+              <contributor organization="Gideon Technologies, Inc.">Dragos Prisaca</contributor>
+            </submitted>
+            <status_change date="2009-04-17T16:44:57.841-04:00">DRAFT</status_change>
+            <status_change date="2009-05-04T04:00:31.909-04:00">INTERIM</status_change>
+          </dates>
+          <status>INTERIM</status>
+        </oval_repository>
+      </metadata>
+      <criteria operator="OR">
+        <criteria operator="AND">
+          <extend_definition comment="Microsoft Windows XP (x86) SP2 is installed" definition_ref="oval:org.mitre.oval:def:754"/>
+          <criterion comment="the version of Msdtcprx.dll is less than 2001.12.4414.320" test_ref="oval:org.mitre.oval:tst:9953"/>
+        </criteria>
+        <criteria operator="AND">
+          <extend_definition comment="Microsoft Windows XP (x86) SP3 is installed" definition_ref="oval:org.mitre.oval:def:5631"/>
+          <criterion comment="the version of Msdtcprx.dll is less than 2001.12.4414.706" test_ref="oval:org.mitre.oval:tst:9475"/>
+        </criteria>
+        <criteria operator="AND">
+          <criteria operator="OR">
+            <extend_definition comment="Microsoft Windows XP Professional x64 Edition SP1 is installed" definition_ref="oval:org.mitre.oval:def:720"/>
+            <extend_definition comment="Microsoft Windows Server 2003 SP1 (x64) is installed" definition_ref="oval:org.mitre.oval:def:4386"/>
+            <extend_definition comment="Microsoft Windows Server 2003 SP1 (x86) is installed" definition_ref="oval:org.mitre.oval:def:565"/>
+            <extend_definition comment="Microsoft Windows Server 2003 (ia64) SP1 is installed" definition_ref="oval:org.mitre.oval:def:1205"/>
+          </criteria>
+          <criterion comment="the version of Msdtcprx.dll is less than 2001.12.4720.3180" test_ref="oval:org.mitre.oval:tst:9983"/>
+        </criteria>
+        <criteria operator="AND">
+          <criteria operator="OR">
+            <extend_definition comment="Microsoft Windows Server 2003 SP2 (x64) is installed" definition_ref="oval:org.mitre.oval:def:2161"/>
+            <extend_definition comment="Microsoft Windows XP x64 Edition SP2 is installed" definition_ref="oval:org.mitre.oval:def:4193"/>
+            <extend_definition comment="Microsoft Windows Server 2003 SP2 (x86) is installed" definition_ref="oval:org.mitre.oval:def:1935"/>
+            <extend_definition comment="Microsoft Windows Server 2003 (ia64) SP2 is installed" definition_ref="oval:org.mitre.oval:def:1442"/>
+          </criteria>
+          <criterion comment="the version of Msdtcprx.dll is less than 2001.12.4720.4340" test_ref="oval:org.mitre.oval:tst:9752"/>
+        </criteria>
+      </criteria>
+    </definition>
+    <definition id="oval:org.mitre.oval:def:6108" version="0" class="vulnerability">
+      <metadata>
+        <title>Blended Threat Remote Code Execution Vulnerability</title>
+        <affected family="windows">
+          <platform>Microsoft Windows XP</platform>
+          <product>Internet Explorer</product>
+        </affected>
+        <reference source="CVE" ref_id="CVE-2008-2540" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2540"/>
+        <reference source="Microsoft" ref_id="MS09-014" ref_url="http://www.microsoft.com/technet/security/bulletin/MS09-014.mspx"/>
+        <description>Apple Safari on Mac OS X, and before 3.1.2 on Windows, does not prompt the user before downloading an object that has an unrecognized content type, which allows remote attackers to place malware into the (1) Desktop directory on Windows or (2) Downloads directory on Mac OS X, aka a "Carpet Bomb," a different issue than CVE-2008-1032. NOTE: Apple considers this a vulnerability only because of certain behavior of the Windows desktop and, as of 20080619, has not covered the issue in an advisory for Mac OS X.  NOTE: Microsoft describes the issue on the Windows platform as "a blended threat that allows remote code execution."</description>
+        <oval_repository>
+          <dates>
+            <submitted date="2009-04-14T16:00:00">
+              <contributor organization="Gideon Technologies, Inc.">Dragos Prisaca</contributor>
+            </submitted>
+            <status_change date="2009-04-17T16:44:58.190-04:00">DRAFT</status_change>
+            <status_change date="2009-05-04T04:00:31.172-04:00">INTERIM</status_change>
+          </dates>
+          <status>INTERIM</status>
+        </oval_repository>
+      </metadata>
+      <criteria operator="OR">
+        <criteria operator="AND">
+          <criteria operator="OR">
+            <extend_definition comment="Microsoft Windows XP (x86) SP2 is installed" definition_ref="oval:org.mitre.oval:def:754"/>
+            <extend_definition comment="Microsoft Windows XP (x86) SP3 is installed" definition_ref="oval:org.mitre.oval:def:5631"/>
+            <extend_definition comment="Microsoft Windows XP Professional x64 Edition SP1 is installed" definition_ref="oval:org.mitre.oval:def:720"/>
+            <extend_definition comment="Microsoft Windows XP x64 Edition SP2 is installed" definition_ref="oval:org.mitre.oval:def:4193"/>
+          </criteria>
+          <extend_definition comment="Microsoft Internet Explorer 7 is installed" definition_ref="oval:org.mitre.oval:def:627"/>
+          <criterion comment="Mshtml.dll version is greater than 7.0.6000.16000" test_ref="oval:org.mitre.oval:tst:9392"/>
+          <criterion comment="Mshtml.dll version is less than 7.0.6000.16825" test_ref="oval:org.mitre.oval:tst:9976"/>
+        </criteria>
+        <criteria operator="AND">
+          <criteria operator="OR">
+            <extend_definition comment="Microsoft Windows XP (x86) SP2 is installed" definition_ref="oval:org.mitre.oval:def:754"/>
+            <extend_definition comment="Microsoft Windows XP (x86) SP3 is installed" definition_ref="oval:org.mitre.oval:def:5631"/>
+            <extend_definition comment="Microsoft Windows XP Professional x64 Edition SP1 is installed" definition_ref="oval:org.mitre.oval:def:720"/>
+            <extend_definition comment="Microsoft Windows XP x64 Edition SP2 is installed" definition_ref="oval:org.mitre.oval:def:4193"/>
+          </criteria>
+          <extend_definition comment="Microsoft Internet Explorer 7 is installed" definition_ref="oval:org.mitre.oval:def:627"/>
+          <criterion comment="Mshtml.dll version is greater than 7.0.6000.20000" test_ref="oval:org.mitre.oval:tst:9441"/>
+          <criterion comment="Mshtml.dll version is less than 7.0.6000.21015" test_ref="oval:org.mitre.oval:tst:9705"/>
+        </criteria>
+      </criteria>
+    </definition>
+    <definition id="oval:org.mitre.oval:def:6069" version="0" class="vulnerability">
+      <metadata>
+        <title>Uninitialized Memory Corruption Vulnerability (CVE-2009-0553)</title>
+        <affected family="windows">
+          <platform>Microsoft Windows 2000</platform>
+          <platform>Microsoft Windows XP</platform>
+          <platform>Microsoft Windows Server 2003</platform>
+          <platform>Microsoft Windows Vista</platform>
+          <platform>Microsoft Windows Server 2008</platform>
+          <product>Internet Explorer</product>
+        </affected>
+        <reference source="CVE" ref_id="CVE-2009-0553" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0553"/>
+        <reference source="Microsoft" ref_id="MS09-014" ref_url="http://www.microsoft.com/technet/security/bulletin/MS09-014.mspx"/>
+        <description>Microsoft Internet Explorer 6 SP1, 6 and 7 on Windows XP SP2 and SP3, 6 and 7 on Windows Server 2003 SP1 and SP2, 7 on Windows Vista Gold and SP1, and 7 on Windows Server 2008 allows remote attackers to execute arbitrary code via a web page that triggers presence of an object in memory that was (1) not properly initialized or (2) deleted, aka "Uninitialized Memory Corruption Vulnerability."</description>
+        <oval_repository>
+          <dates>
+            <submitted date="2009-04-14T16:00:00">
+              <contributor organization="Gideon Technologies, Inc.">Dragos Prisaca</contributor>
+            </submitted>
+            <status_change date="2009-04-17T16:44:58.507-04:00">DRAFT</status_change>
+            <status_change date="2009-05-04T04:00:30.593-04:00">INTERIM</status_change>
+          </dates>
+          <status>INTERIM</status>
+        </oval_repository>
+      </metadata>
+      <criteria operator="OR">
+        <criteria operator="AND">
+          <extend_definition comment="Microsoft Windows 2000 SP4 or later is installed" definition_ref="oval:org.mitre.oval:def:229"/>
+          <extend_definition comment="Microsoft Internet Explorer 6 is installed" definition_ref="oval:org.mitre.oval:def:563"/>
+          <criterion comment="Mshtml.dll version is less than 6.0.2800.1625" test_ref="oval:org.mitre.oval:tst:9684"/>
+        </criteria>
+        <criteria operator="AND">
+          <extend_definition comment="Microsoft Windows XP SP2 is installed" definition_ref="oval:org.mitre.oval:def:521"/>
+          <extend_definition comment="Microsoft Internet Explorer 6 is installed" definition_ref="oval:org.mitre.oval:def:563"/>
+          <criterion comment="Mshtml.dll version is less than 6.0.2900.3527" test_ref="oval:org.mitre.oval:tst:9744"/>
+        </criteria>
+        <criteria operator="AND">
+          <extend_definition comment="Microsoft Windows XP (x86) SP3 is installed" definition_ref="oval:org.mitre.oval:def:5631"/>
+          <extend_definition comment="Microsoft Internet Explorer 6 is installed" definition_ref="oval:org.mitre.oval:def:563"/>
+          <criterion comment="Mshtml.dll version is less than 6.0.2900.5764" test_ref="oval:org.mitre.oval:tst:9622"/>
+        </criteria>
+        <criteria operator="AND">
+          <extend_definition comment="Microsoft Windows Server 2003 SP1 (x86) is installed" definition_ref="oval:org.mitre.oval:def:565"/>
+          <extend_definition comment="Microsoft Internet Explorer 6 is installed" definition_ref="oval:org.mitre.oval:def:563"/>
+          <criterion comment="Mshtml.dll version is less than 6.0.3790.3304" test_ref="oval:org.mitre.oval:tst:9395"/>
+        </criteria>
+        <criteria operator="AND">
+          <extend_definition comment="Microsoft Windows Server 2003 SP2 (x86) is installed" definition_ref="oval:org.mitre.oval:def:1935"/>
+          <extend_definition comment="Microsoft Internet Explorer 6 is installed" definition_ref="oval:org.mitre.oval:def:563"/>
+          <criterion comment="Mshtml.dll version is less than 6.0.3790.4470" test_ref="oval:org.mitre.oval:tst:9788"/>
+        </criteria>
+        <criteria operator="AND">
+          <criteria operator="OR">
+            <extend_definition comment="Microsoft Windows XP Professional x64 Edition SP1 is installed" definition_ref="oval:org.mitre.oval:def:720"/>
+            <extend_definition comment="Microsoft Windows Server 2003 SP1 (x64) is installed" definition_ref="oval:org.mitre.oval:def:4386"/>
+          </criteria>
+          <extend_definition comment="Microsoft Internet Explorer 6 is installed" definition_ref="oval:org.mitre.oval:def:563"/>
+          <criterion comment="Mshtml.dll version is less than 6.0.3790.3304" test_ref="oval:org.mitre.oval:tst:9395"/>
+        </criteria>
+        <criteria operator="AND">
+          <criteria operator="OR">
+            <extend_definition comment="Microsoft Windows XP x64 Edition SP2 is installed" definition_ref="oval:org.mitre.oval:def:4193"/>
+            <extend_definition comment="Microsoft Windows Server 2003 SP2 (x64) is installed" definition_ref="oval:org.mitre.oval:def:2161"/>
+          </criteria>
+          <extend_definition comment="Microsoft Internet Explorer 6 is installed" definition_ref="oval:org.mitre.oval:def:563"/>
+          <criterion comment="Mshtml.dll version is less than 6.0.3790.4470" test_ref="oval:org.mitre.oval:tst:9788"/>
+        </criteria>
+        <criteria operator="AND">
+          <extend_definition comment="Microsoft Windows Server 2003 (ia64) SP1 is installed" definition_ref="oval:org.mitre.oval:def:1205"/>
+          <extend_definition comment="Microsoft Internet Explorer 6 is installed" definition_ref="oval:org.mitre.oval:def:563"/>
+          <criterion comment="Mshtml.dll version is less than 6.0.3790.3304" test_ref="oval:org.mitre.oval:tst:9395"/>
+        </criteria>
+        <criteria operator="AND">
+          <extend_definition comment="Microsoft Windows Server 2003 (ia64) SP2 is installed" definition_ref="oval:org.mitre.oval:def:1442"/>
+          <extend_definition comment="Microsoft Internet Explorer 6 is installed" definition_ref="oval:org.mitre.oval:def:563"/>
+          <criterion comment="Mshtml.dll version is less than 6.0.3790.4470" test_ref="oval:org.mitre.oval:tst:9788"/>
+        </criteria>
+        <criteria operator="AND">
+          <criteria operator="OR">
+            <extend_definition comment="Microsoft Windows XP (x86) SP2 is installed" definition_ref="oval:org.mitre.oval:def:754"/>
+            <extend_definition comment="Microsoft Windows XP (x86) SP3 is installed" definition_ref="oval:org.mitre.oval:def:5631"/>
+            <extend_definition comment="Microsoft Windows XP Professional x64 Edition SP1 is installed" definition_ref="oval:org.mitre.oval:def:720"/>
+            <extend_definition comment="Microsoft Windows XP x64 Edition SP2 is installed" definition_ref="oval:org.mitre.oval:def:4193"/>
+          </criteria>
+          <extend_definition comment="Microsoft Internet Explorer 7 is installed" definition_ref="oval:org.mitre.oval:def:627"/>
+          <criterion comment="Mshtml.dll version is greater than 7.0.6000.16000" test_ref="oval:org.mitre.oval:tst:9392"/>
+          <criterion comment="Mshtml.dll version is less than 7.0.6000.16825" test_ref="oval:org.mitre.oval:tst:9976"/>
+        </criteria>
+        <criteria operator="AND">
+          <criteria operator="OR">
+            <extend_definition comment="Microsoft Windows XP (x86) SP2 is installed" definition_ref="oval:org.mitre.oval:def:754"/>
+            <extend_definition comment="Microsoft Windows XP (x86) SP3 is installed" definition_ref="oval:org.mitre.oval:def:5631"/>
+            <extend_definition comment="Microsoft Windows XP Professional x64 Edition SP1 is installed" definition_ref="oval:org.mitre.oval:def:720"/>
+            <extend_definition comment="Microsoft Windows XP x64 Edition SP2 is installed" definition_ref="oval:org.mitre.oval:def:4193"/>
+          </criteria>
+          <extend_definition comment="Microsoft Internet Explorer 7 is installed" definition_ref="oval:org.mitre.oval:def:627"/>
+          <criterion comment="Mshtml.dll version is greater than 7.0.6000.20000" test_ref="oval:org.mitre.oval:tst:9441"/>
+          <criterion comment="Mshtml.dll version is less than 7.0.6000.21015" test_ref="oval:org.mitre.oval:tst:9705"/>
+        </criteria>
+        <criteria operator="AND">
+          <criteria operator="OR">
+            <extend_definition comment="Microsoft Windows Server 2003 SP1 (x86) is installed" definition_ref="oval:org.mitre.oval:def:565"/>
+            <extend_definition comment="Microsoft Windows Server 2003 SP2 (x86) is installed" definition_ref="oval:org.mitre.oval:def:1935"/>
+            <extend_definition comment="Microsoft Windows Server 2003 SP1 (x64) is installed" definition_ref="oval:org.mitre.oval:def:4386"/>
+            <extend_definition comment="Microsoft Windows Server 2003 SP2 (x64) is installed" definition_ref="oval:org.mitre.oval:def:2161"/>
+            <extend_definition comment="Microsoft Windows Server 2003 (ia64) SP1 is installed" definition_ref="oval:org.mitre.oval:def:1205"/>
+            <extend_definition comment="Microsoft Windows Server 2003 (ia64) SP2 is installed" definition_ref="oval:org.mitre.oval:def:1442"/>
+          </criteria>
+          <extend_definition comment="Microsoft Internet Explorer 7 is installed" definition_ref="oval:org.mitre.oval:def:627"/>
+          <criterion comment="Mshtml.dll version is greater than 7.0.6000.16000" test_ref="oval:org.mitre.oval:tst:9392"/>
+          <criterion comment="Mshtml.dll version is less than 7.0.6000.16825" test_ref="oval:org.mitre.oval:tst:9976"/>
+        </criteria>
+        <criteria operator="AND">
+          <criteria operator="OR">
+            <extend_definition comment="Microsoft Windows Server 2003 SP1 (x86) is installed" definition_ref="oval:org.mitre.oval:def:565"/>
+            <extend_definition comment="Microsoft Windows Server 2003 SP2 (x86) is installed" definition_ref="oval:org.mitre.oval:def:1935"/>
+            <extend_definition comment="Microsoft Windows Server 2003 SP1 (x64) is installed" definition_ref="oval:org.mitre.oval:def:4386"/>
+            <extend_definition comment="Microsoft Windows Server 2003 SP2 (x64) is installed" definition_ref="oval:org.mitre.oval:def:2161"/>
+            <extend_definition comment="Microsoft Windows Server 2003 (ia64) SP1 is installed" definition_ref="oval:org.mitre.oval:def:1205"/>
+            <extend_definition comment="Microsoft Windows Server 2003 (ia64) SP2 is installed" definition_ref="oval:org.mitre.oval:def:1442"/>
+          </criteria>
+          <extend_definition comment="Microsoft Internet Explorer 7 is installed" definition_ref="oval:org.mitre.oval:def:627"/>
+          <criterion comment="Mshtml.dll version is greater than 7.0.6000.20000" test_ref="oval:org.mitre.oval:tst:9441"/>
+          <criterion comment="Mshtml.dll version is less than 7.0.6000.21015" test_ref="oval:org.mitre.oval:tst:9705"/>
+        </criteria>
+        <criteria operator="AND">
+          <criteria operator="OR">
+            <extend_definition comment="Microsoft Windows Vista (32-bit) is installed" definition_ref="oval:org.mitre.oval:def:1282"/>
+            <extend_definition comment="Microsoft Windows Vista x64 Edition is installed" definition_ref="oval:org.mitre.oval:def:2041"/>
+          </criteria>
+          <criterion comment="Mshtml.dll version is greater than 7.0.6000.16000" test_ref="oval:org.mitre.oval:tst:9392"/>
+          <criterion comment="Mshtml.dll version is less than 7.0.6000.16830" test_ref="oval:org.mitre.oval:tst:9688"/>
+        </criteria>
+        <criteria operator="AND">
+          <criteria operator="OR">
+            <extend_definition comment="Microsoft Windows Vista (32-bit) is installed" definition_ref="oval:org.mitre.oval:def:1282"/>
+            <extend_definition comment="Microsoft Windows Vista x64 Edition is installed" definition_ref="oval:org.mitre.oval:def:2041"/>
+          </criteria>
+          <criterion comment="Mshtml.dll version is greater than 7.0.6000.20000" test_ref="oval:org.mitre.oval:tst:9441"/>
+          <criterion comment="Mshtml.dll version is less than 7.0.6000.21023" test_ref="oval:org.mitre.oval:tst:10115"/>
+        </criteria>
+        <criteria operator="AND">
+          <criteria operator="OR">
+            <extend_definition comment="Microsoft Windows Vista (32-bit) Service Pack 1 is installed" definition_ref="oval:org.mitre.oval:def:4873"/>
+            <extend_definition comment="Microsoft Windows Vista x64 Edition Service Pack 1 is installed" definition_ref="oval:org.mitre.oval:def:5254"/>
+            <extend_definition comment="Microsoft Windows Server 2008 (32-bit) is installed" definition_ref="oval:org.mitre.oval:def:4870"/>
+            <extend_definition comment="Microsoft Windows Server 2008 x64 Edition is installed" definition_ref="oval:org.mitre.oval:def:5356"/>
+            <extend_definition comment="Microsoft Windows Server 2008 Itanium-Based Edition is installed" definition_ref="oval:org.mitre.oval:def:5667"/>
+          </criteria>
+          <criterion comment="Mshtml.dll version is greater than 7.0.6001.16000" test_ref="oval:org.mitre.oval:tst:9444"/>
+          <criterion comment="Mshtml.dll version is less than 7.0.6001.18226" test_ref="oval:org.mitre.oval:tst:10150"/>
+        </criteria>
+        <criteria operator="AND">
+          <criteria operator="OR">
+            <extend_definition comment="Microsoft Windows Vista (32-bit) Service Pack 1 is installed" definition_ref="oval:org.mitre.oval:def:4873"/>
+            <extend_definition comment="Microsoft Windows Vista x64 Edition Service Pack 1 is installed" definition_ref="oval:org.mitre.oval:def:5254"/>
+            <extend_definition comment="Microsoft Windows Server 2008 (32-bit) is installed" definition_ref="oval:org.mitre.oval:def:4870"/>
+            <extend_definition comment="Microsoft Windows Server 2008 x64 Edition is installed" definition_ref="oval:org.mitre.oval:def:5356"/>
+            <extend_definition comment="Microsoft Windows Server 2008 Itanium-Based Edition is installed" definition_ref="oval:org.mitre.oval:def:5667"/>
+          </criteria>
+          <criterion comment="Mshtml.dll version is greater than 7.0.6001.20000" test_ref="oval:org.mitre.oval:tst:9375"/>
+          <criterion comment="Mshtml.dll version is less than 7.0.6001.22389" test_ref="oval:org.mitre.oval:tst:10005"/>
+        </criteria>
+      </criteria>
+    </definition>
+    <definition id="oval:org.mitre.oval:def:6068" version="0" class="vulnerability">
+      <metadata>
+        <title>Web Proxy TCP State Limited Denial of Service Vulnerability</title>
+        <affected family="windows">
+          <platform>Microsoft Windows 2000</platform>
+          <platform>Microsoft Windows Server 2003</platform>
+          <product>Microsoft Forefront Threat Management Gateway</product>
+          <product>Microsoft Internet Security and Acceleration Server 2004</product>
+          <product>Microsoft Internet Security and Acceleration Server 2006</product>
+        </affected>
+        <reference source="CVE" ref_id="CVE-2009-0077" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0077"/>
+        <reference source="Microsoft" ref_id="MS09-016" ref_url="http://www.microsoft.com/technet/security/bulletin/MS09-016.mspx"/>
+        <description>The firewall engine in Microsoft Forefront Threat Management Gateway, Medium Business Edition (TMG MBE); and Internet Security and Acceleration (ISA) Server 2004 SP3, 2006, 2006 Supportability Update, and 2006 SP1; does not properly manage the session state of web listeners, which allows remote attackers to cause a denial of service (many stale sessions) via crafted packets, aka "Web Proxy TCP State Limited Denial of Service Vulnerability."</description>
+        <oval_repository>
+          <dates>
+            <submitted date="2009-04-14T16:00:00">
+              <contributor organization="Gideon Technologies, Inc.">Dragos Prisaca</contributor>
+            </submitted>
+            <status_change date="2009-04-17T16:45:01.258-04:00">DRAFT</status_change>
+            <status_change date="2009-05-04T04:00:30.231-04:00">INTERIM</status_change>
+          </dates>
+          <status>INTERIM</status>
+        </oval_repository>
+      </metadata>
+      <criteria operator="OR">
+        <criteria operator="AND" comment="ISA Server 2004 Standard Edition">
+          <extend_definition comment="Microsoft Internet Security and Acceleration Server 2004" definition_ref="oval:org.mitre.oval:def:5940"/>
+          <criterion comment="the version of wspsrv.exe is greater than or equal 4.0.2161.50" test_ref="oval:org.mitre.oval:tst:10122"/>
+          <criterion comment="the version of wspsrv.exe is less than 4.0.2167.909" test_ref="oval:org.mitre.oval:tst:10157"/>
+        </criteria>
+        <criteria operator="AND" comment="ISA Server 2004 Enterprise  Edition">
+          <extend_definition comment="Microsoft Internet Security and Acceleration Server 2004" definition_ref="oval:org.mitre.oval:def:5940"/>
+          <criterion comment="the version of wspsrv.exe is greater than or equal 4.0.3439.50" test_ref="oval:org.mitre.oval:tst:9891"/>
+          <criterion comment="the version of wspsrv.exe is less than 4.0.3445.909" test_ref="oval:org.mitre.oval:tst:9803"/>
+        </criteria>
+        <criteria operator="AND" comment="ISA Server 2006">
+          <extend_definition comment="Microsoft Internet Security and Acceleration Server 2006" definition_ref="oval:org.mitre.oval:def:6052"/>
+          <criterion comment="the version of wspsrv.exe is greater than or equal 5.0.5720.100" test_ref="oval:org.mitre.oval:tst:9920"/>
+          <criterion comment="the version of wspsrv.exe is less than 5.0.5720.172" test_ref="oval:org.mitre.oval:tst:9772"/>
+        </criteria>
+        <criteria operator="AND" comment="ISA Server 2006 with the Supportability Update installed">
+          <extend_definition comment="Microsoft Internet Security and Acceleration Server 2006" definition_ref="oval:org.mitre.oval:def:6052"/>
+          <criterion comment="the version of wspsrv.exe is greater than or equal 5.0.5721.240" test_ref="oval:org.mitre.oval:tst:9815"/>
+          <criterion comment="the version of wspsrv.exe is less than 5.0.5721.261" test_ref="oval:org.mitre.oval:tst:9875"/>
+        </criteria>
+        <criteria operator="AND" comment="ISA Server 2006 with Service Pack 1 installed">
+          <extend_definition comment="Microsoft Internet Security and Acceleration Server 2006" definition_ref="oval:org.mitre.oval:def:6052"/>
+          <criterion comment="the version of wspsrv.exe is greater than or equal 5.0.5723.493" test_ref="oval:org.mitre.oval:tst:10021"/>
+          <criterion comment="the version of wspsrv.exe is less than 5.0.5723.511" test_ref="oval:org.mitre.oval:tst:9597"/>
+        </criteria>
+      </criteria>
+    </definition>
+    <definition id="oval:org.mitre.oval:def:5940" version="0" class="inventory">
+      <metadata>
+        <title>Microsoft Internet Security and Acceleration Server 2004</title>
+        <affected family="windows">
+          <platform>Microsoft Windows 2000</platform>
+          <platform>Microsoft Windows Server 2003</platform>
+          <product>Microsoft Internet Security and Acceleration Server 2004</product>
+        </affected>
+        <reference source="CPE" ref_id="cpe:/a:microsoft:isa_server:2004"/>
+        <description>Microsoft Internet Security and Acceleration Server 2004 is installed.</description>
+        <oval_repository>
+          <dates>
+            <submitted date="2009-04-14T16:00:00">
+              <contributor organization="Gideon Technologies, Inc.">Dragos Prisaca</contributor>
+            </submitted>
+            <status_change date="2009-04-17T16:45:00.233-04:00">DRAFT</status_change>
+            <status_change date="2009-05-04T04:00:24.475-04:00">INTERIM</status_change>
+          </dates>
+          <status>INTERIM</status>
+        </oval_repository>
+      </metadata>
+      <criteria>
+        <criterion comment="Microsoft Internet Security and Acceleration Server 2004 is installed" test_ref="oval:org.mitre.oval:tst:10158"/>
+      </criteria>
+    </definition>
+    <definition id="oval:org.mitre.oval:def:6066" version="1" class="vulnerability">
+      <metadata>
+        <title>Apple Safari Malformed URI Remote Denail of Service Vulnerability</title>
+        <affected family="windows">
+          <platform>Microsoft Windows XP</platform>
+          <platform>Microsoft Windows Vista</platform>
+          <product>Apple Safari</product>
+        </affected>
+        <reference source="CVE" ref_id="CVE-2009-0744" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0744"/>
+        <description>Apple Safari 4 Beta build 528.16 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a feeds: URI beginning with a (1) % (percent), (2) { (open curly bracket), (3) } (close curly bracket), (4) ^ (caret), (5) ` (backquote), or (6) | (pipe) character, followed by an &amp; (ampersand) character.</description>
+        <oval_repository>
+          <dates>
+            <submitted date="2009-03-17T12:30:50">
+              <contributor organization="SecPod Technologies">Chandan S</contributor>
+            </submitted>
+            <status_change date="2009-03-23T10:43:52.586-04:00">DRAFT</status_change>
+            <status_change date="2009-04-13T04:00:27.831-04:00">INTERIM</status_change>
+            <status_change date="2009-05-04T04:00:29.145-04:00">ACCEPTED</status_change>
+          </dates>
+          <status>ACCEPTED</status>
+        </oval_repository>
+      </metadata>
+      <criteria operator="OR">
+        <criteria operator="AND">
+          <criteria operator="OR">
+            <extend_definition comment="Microsoft Windows XP (x86) SP2 is installed" definition_ref="oval:org.mitre.oval:def:754"/>
+            <extend_definition comment="Microsoft Windows XP (x86) SP3 is installed" definition_ref="oval:org.mitre.oval:def:5631"/>
+            <extend_definition comment="Microsoft Windows Vista (32-bit) is installed" definition_ref="oval:org.mitre.oval:def:1282"/>
+            <extend_definition comment="Microsoft Windows Vista (32-bit) Service Pack 1 is installed" definition_ref="oval:org.mitre.oval:def:4873"/>
+          </criteria>
+          <criterion comment="Safari.exe version is less than or equal to 4.528.16.0" test_ref="oval:org.mitre.oval:tst:9789"/>
+        </criteria>
+      </criteria>
+    </definition>
+    <definition id="oval:org.mitre.oval:def:6050" version="0" class="vulnerability">
+      <metadata>
+        <title>WordPad Word 97 Text Converter Stack Overflow Vulnerability</title>
+        <affected family="windows">
+          <platform>Microsoft Windows 2000</platform>
+          <platform>Microsoft Windows XP</platform>
+          <platform>Microsoft Windows Server 2003</platform>
+          <platform>Microsoft Windows Vista</platform>
+        </affected>
+        <reference source="CVE" ref_id="CVE-2008-4841" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4841"/>
+        <reference source="Microsoft" ref_id="MS09-010" ref_url="http://www.microsoft.com/technet/security/bulletin/MS09-010.mspx"/>
+        <description>The WordPad Text Converter for Word 97 files in Microsoft Windows 2000 SP4, XP SP2, and Server 2003 SP1 and SP2 allows remote attackers to execute arbitrary code via a crafted (1) .doc, (2) .wri, or (3) .rtf Word 97 file that triggers memory corruption, as exploited in the wild in December 2008.  NOTE: As of 20081210, it is unclear whether this vulnerability is related to a WordPad issue disclosed on 20080925 with a 2008-crash.doc.rar example, but there are insufficient details to be sure.</description>
+        <oval_repository>
+          <dates>
+            <submitted date="2009-04-14T16:00:00">
+              <contributor organization="Gideon Technologies, Inc.">Dragos Prisaca</contributor>
+            </submitted>
+            <status_change date="2009-04-17T16:45:04.221-04:00">DRAFT</status_change>
+            <status_change date="2009-05-04T04:00:28.001-04:00">INTERIM</status_change>
+          </dates>
+          <status>INTERIM</status>
+        </oval_repository>
+      </metadata>
+      <criteria operator="OR">
+        <criteria operator="AND">
+          <extend_definition comment="Microsoft Windows 2000 SP4 or later is installed" definition_ref="oval:org.mitre.oval:def:229"/>
+          <criterion comment="the version of wordpad.exe is less than 5.0.2195.7155" test_ref="oval:org.mitre.oval:tst:9583"/>
+        </criteria>
+        <criteria operator="AND">
+          <extend_definition comment="Microsoft Windows XP (x86) SP2 is installed" definition_ref="oval:org.mitre.oval:def:754"/>
+          <criterion comment="the version of wordpad.exe is less than 5.1.2600.3355" test_ref="oval:org.mitre.oval:tst:9738"/>
+        </criteria>
+        <criteria operator="AND">
+          <extend_definition comment="Microsoft Windows XP (x86) SP3 is installed" definition_ref="oval:org.mitre.oval:def:5631"/>
+          <criterion comment="the version of wordpad.exe is less than 5.1.2600.5584" test_ref="oval:org.mitre.oval:tst:9166"/>
+        </criteria>
+        <criteria operator="AND">
+          <criteria operator="OR">
+            <extend_definition comment="Microsoft Windows XP Professional x64 Edition SP1 is installed" definition_ref="oval:org.mitre.oval:def:720"/>
+            <extend_definition comment="Microsoft Windows Server 2003 SP1 (x64) is installed" definition_ref="oval:org.mitre.oval:def:4386"/>
+            <extend_definition comment="Microsoft Windows Server 2003 SP1 (x86) is installed" definition_ref="oval:org.mitre.oval:def:565"/>
+            <extend_definition comment="Microsoft Windows Server 2003 (ia64) SP1 is installed" definition_ref="oval:org.mitre.oval:def:1205"/>
+          </criteria>
+          <criterion comment="the version of wordpad.exe is less than 5.2.3790.3129" test_ref="oval:org.mitre.oval:tst:9946"/>
+        </criteria>
+        <criteria operator="AND">
+          <criteria operator="OR">
+            <extend_definition comment="Microsoft Windows XP x64 Edition SP2 is installed" definition_ref="oval:org.mitre.oval:def:4193"/>
+            <extend_definition comment="Microsoft Windows Server 2003 SP2 (x64) is installed" definition_ref="oval:org.mitre.oval:def:2161"/>
+            <extend_definition comment="Microsoft Windows Server 2003 SP2 (x86) is installed" definition_ref="oval:org.mitre.oval:def:1935"/>
+            <extend_definition comment="Microsoft Windows Server 2003 (ia64) SP2 is installed" definition_ref="oval:org.mitre.oval:def:1442"/>
+          </criteria>
+          <criterion comment="the version of wordpad.exe is less than 5.2.3790.4282" test_ref="oval:org.mitre.oval:tst:9249"/>
+        </criteria>
+      </criteria>
+    </definition>
+    <definition id="oval:org.mitre.oval:def:6043" version="0" class="vulnerability">
+      <metadata>
+        <title>Memory Corruption Vulnerability (CVE-2009-0100)</title>
+        <affected family="windows">
+          <platform>Microsoft Windows 2000</platform>
+          <platform>Microsoft Windows XP</platform>
+          <platform>Microsoft Windows Server 2003</platform>
+          <platform>Microsoft Windows Vista</platform>
+          <platform>Microsoft Windows Server 2008</platform>
+          <product>Microsoft Excel 2000</product>
+          <product>Microsoft Excel 2002</product>
+          <product>Microsoft Excel 2003</product>
+          <product>Microsoft Excel 2007</product>
+          <product>Microsoft Office Excel Viewer 2003</product>
+          <product>Microsoft Office Excel Viewer</product>
+          <product>Microsoft Office Compatibility Pack</product>
+        </affected>
+        <reference source="CVE" ref_id="CVE-2009-0100" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0100"/>
+        <reference source="Microsoft" ref_id="MS09-009" ref_url="http://www.microsoft.com/technet/security/bulletin/MS09-009.mspx"/>
+        <description>Microsoft Office Excel 2000 SP3, 2002 SP3, 2003 SP3, and 2007 SP1; Excel in Microsoft Office 2004 and 2008 for Mac; Microsoft Office Excel Viewer and Excel Viewer 2003 SP3; and Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 do not properly parse the Excel spreadsheet file format, which allows remote attackers to execute arbitrary code via a crafted spreadsheet that contains a malformed object with "an offset and a two-byte value" that trigger a memory calculation error, aka "Memory Corruption Vulnerability."</description>
+        <oval_repository>
+          <dates>
+            <submitted date="2009-04-14T16:00:00">
+              <contributor organization="Gideon Technologies, Inc.">Kyle Key</contributor>
+            </submitted>
+            <status_change date="2009-04-17T16:45:13.152-04:00">DRAFT</status_change>
+            <status_change date="2009-05-04T04:00:27.363-04:00">INTERIM</status_change>
+          </dates>
+          <status>INTERIM</status>
+        </oval_repository>
+      </metadata>
+      <criteria operator="OR">
+        <criteria operator="AND">
+          <extend_definition comment="Microsoft Excel 2000 is installed" definition_ref="oval:org.mitre.oval:def:758"/>
+          <criterion comment="Excel.exe version is less than 9.0.0.8977" test_ref="oval:org.mitre.oval:tst:9986"/>
+        </criteria>
+        <criteria operator="AND">
+          <extend_definition comment="Microsoft Excel 2002 is installed" definition_ref="oval:org.mitre.oval:def:473"/>
+          <criterion comment="Excel.exe version is less than 10.0.6852.0" test_ref="oval:org.mitre.oval:tst:9874"/>
+        </criteria>
+        <criteria operator="AND">
+          <extend_definition comment="Microsoft Excel 2003 is installed" definition_ref="oval:org.mitre.oval:def:764"/>
+          <criterion comment="Excel.exe version is less than 11.0.8302.0" test_ref="oval:org.mitre.oval:tst:9937"/>
+        </criteria>
+        <criteria operator="AND">
+          <extend_definition comment="Microsoft Excel 2007 is installed" definition_ref="oval:org.mitre.oval:def:1745"/>
+          <criterion comment="Excel.exe version is less than 12.0.6341.5001" test_ref="oval:org.mitre.oval:tst:9740"/>
+        </criteria>
+        <criteria operator="AND">
+          <extend_definition comment="Microsoft Excel Viewer 2003 is installed" definition_ref="oval:org.mitre.oval:def:439"/>
+          <criterion comment="Xlview.exe version is less than 11.0.8302.0" test_ref="oval:org.mitre.oval:tst:9960"/>
+        </criteria>
+        <criteria operator="AND">
+          <extend_definition comment="Microsoft Excel Viewer 2007 is installed" definition_ref="oval:org.mitre.oval:def:6006"/>
+          <criterion comment="XLView.exe version is less than 12.0.6341.5001" test_ref="oval:org.mitre.oval:tst:9715"/>
+        </criteria>
+        <criteria operator="AND">
+          <extend_definition comment="Microsoft Office Compatibility Pack is installed" definition_ref="oval:org.mitre.oval:def:1853"/>
+          <criterion comment="Excelcnv.exe version is less than 12.0.6341.5001" test_ref="oval:org.mitre.oval:tst:9892"/>
+        </criteria>
+      </criteria>
+    </definition>
+    <definition id="oval:org.mitre.oval:def:6027" version="0" class="vulnerability">
+      <metadata>
+        <title>Windows HTTP Services Certificate Name Mismatch Vulnerability (CVE-2009-0089)</title>
+        <affected family="windows">
+          <platform>Microsoft Windows 2000</platform>
+          <platform>Microsoft Windows XP</platform>
+          <platform>Microsoft Windows Server 2003</platform>
+          <platform>Microsoft Windows Vista</platform>
+          <platform>Microsoft Windows Server 2008</platform>
+        </affected>
+        <reference source="CVE" ref_id="CVE-2009-0089" ref_url="http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0089"/>
+        <reference source="Microsoft" ref_id="MS09-013" ref_url="http://www.microsoft.com/technet/security/bulletin/MS09-013.mspx"/>
+        <description>Windows HTTP Services (aka WinHTTP) in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, and Vista Gold allows remote web servers to impersonate arbitrary https web sites by using DNS spoofing to "forward a connection" to a different https web site that has a valid certificate matching its own domain name, but not a certificate matching the domain name of the host requested by the user, aka "Windows HTTP Services Certificate Name Mismatch Vulnerability."</description>
+        <oval_repository>
+          <dates>
+            <submitted date="2009-04-14T16:00:00">
+              <contributor organization="Gideon Technologies, Inc.">Kyle Key</contributor>
+            </submitted>
+            <status_change date="2009-04-17T16:45:14.167-04:00">DRAFT</status_change>
+            <status_change date="2009-05-04T04:00:26.586-04:00">INTERIM</status_change>
+          </dates>
+          <status>INTERIM</status>
+        </oval_repository>
+      </metadata>
+      <criteria operator="OR">
+        <criteria operator="AND" comment="winhttp.dll version 5.1.2600.3490 or later on Windows 2000 sp4">
+          <extend_definition comment="Microsoft Windows 2000 SP4 or later is installed" definition_ref="oval:org.mitre.oval:def:229"/>
+          <criterion comment="system32\winhttp.dll version less than 5.1.2600.3490" test_ref="oval:org.mitre.oval:tst:9822"/>
+        </criteria>
+        <criteria operator="AND" comment="winhttp.dll versin 5.1.2600.3494 or later on windows xp sp2 x86">
+          <extend_definition comment="Microsoft Windows XP (x86) SP2 is installed" definition_ref="oval:org.mitre.oval:def:754"/>
+          <criterion comment="system32\winhttp.dll version less than 5.1.2600.3494" test_ref="oval:org.mitre.oval:tst:9877"/>
+        </criteria>
+        <criteria operator="AND" comment="winhttp.dll versin 5.1.2600.5727 or later on windows xp sp3 x86">
+          <extend_definition comment="Microsoft Windows XP (x86) SP3 is installed" definition_ref="oval:org.mitre.oval:def:5631"/>
+          <criterion comment="system32\winhttp.dll version less than 5.1.2600.5727" test_ref="oval:org.mitre.oval:tst:9540"/>
+        </criteria>
+        <criteria operator="AND" comment="winhttp.dll versin 5.2.3790.3262 or later on windows xp sp1 x64">
+          <extend_definition comment="Microsoft Windows XP SP1 (64-bit) is installed" definition_ref="oval:org.mitre.oval:def:480"/>
+          <criterion comment="system32\winhttp.dll version less than 5.2.3790.3262" test_ref="oval:org.mitre.oval:tst:9795"/>
+        </criteria>
+        <criteria operator="AND" comment="winhttp.dll versin 5.2.3790.4427 or later on windows xp sp2 x64">
+          <extend_definition comment="Microsoft Windows XP x64 Edition SP2 is installed" definition_ref="oval:org.mitre.oval:def:4193"/>
+          <criterion comment="system32\winhttp.dll version less than 5.2.3790.4427" test_ref="oval:org.mitre.oval:tst:9649"/>
+        </criteria>
+        <criteria operator="AND" comment="winhttp.dll versin 5.2.3790.3262 or later on windows server 2003 sp1 (x86)(x64)(ia64)">
+          <criteria operator="OR">
+            <extend_definition comment="Microsoft Windows Server 2003 SP1 (x86) is installed" definition_ref="oval:org.mitre.oval:def:565"/>
+            <extend_definition comment="Microsoft Windows Server 2003 SP1 (x64) is installed" definition_ref="oval:org.mitre.oval:def:4386"/>
+            <extend_definition comment="Microsoft Windows Server 2003 (ia64) SP1 is installed" definition_ref="oval:org.mitre.oval:def:1205"/>
+          </criteria>
+          <criterion comment="Winsxs\winhttp.dll version less than 5.2.3790.3262" test_ref="oval:org.mitre.oval:tst:9580"/>
+        </criteria>
+        <criteria operator="AND" comment="winhttp.dll versin 5.2.3790.4427 or later on windows server 2003 sp2 (x86)(x64)(ia64)">
+          <criteria operator="OR">
+            <extend_definition comment="Microsoft Windows Server 2003 SP2 (x86) is installed" definition_ref="oval:org.mitre.oval:def:1935"/>
+            <extend_definition comment="Microsoft Windows Server 2003 SP2 (x64) is installed" definition_ref="oval:org.mitre.oval:def:2161"/>
+            <extend_definition comment="Microsoft Windows Server 2003 (ia64) SP2 is installed" definition_ref="oval:org.mitre.oval:def:1442"/>
+          </criteria>
+          <criterion comment="Winsxs\winhttp.dll version less than 5.2.3790.4427" test_ref="oval:org.mitre.oval:tst:9985"/>
+        </criteria>
+        <criteria operator="AND" comment="winhttp.dll versin 6.0.6000.16786 or later on windows vista GDR (x86)(x64)">
+          <criteria operator="OR">
+            <extend_definition comment="Microsoft Windows Vista (32-bit) is installed" definition_ref="oval:org.mitre.oval:def:1282"/>
+            <extend_definition comment="Microsoft Windows Vista x64 Edition is installed" definition_ref="oval:org.mitre.oval:def:2041"/>
+          </criteria>
+          <criterion comment="system32\winhttp.dll version greater than or equal 6.0.6000.16000" test_ref="oval:org.mitre.oval:tst:9951"/>
+          <criterion comment="system32\winhttp.dll version less than 6.0.6000.16786" test_ref="oval:org.mitre.oval:tst:9981"/>
+        </criteria>
+        <criteria operator="AND" comment="winhttp.dll versin 6.0.6000.20971 or later on windows vista LDR (x86)(x64)">
+          <criteria operator="OR">
+            <extend_definition comment="Microsoft Windows Vista (32-bit) is installed" definition_ref="oval:org.mitre.oval:def:1282"/>
+            <extend_definition comment="Microsoft Windows Vista x64 Edition is installed" definition_ref="oval:org.mitre.oval:def:2041"/>
+          </criteria>
+          <criterion comment="system32\winhttp.dll version greater than or equal 6.0.6000.20000" test_ref="oval:org.mitre.oval:tst:9442"/>
+          <criterion comment="system32\winhttp.dll version less than 6.0.6000.20971" test_ref="oval:org.mitre.oval:tst:9594"/>
+        </criteria>
+        <criteria operator="AND" comment="winhttp.dll versin 6.0.6001.18178 or later on windows server 2008 sp1 GDR (x86)(x64)(ia64) and windows vista sp1 GDR (x86)(x64)">
+          <criteria operator="OR">
+            <extend_definition comment="Microsoft Windows Vista (32-bit) Service Pack 1 is installed" definition_ref="oval:org.mitre.oval:def:4873"/>
+          </criteria>
+          <criterion comment="system32\winhttp.dll version greater than or equal 6.0.6001.18000" test_ref="oval:org.mitre.oval:tst:9762"/>
+          <criterion comment="system32\winhttp.dll version less than 6.0.6001.18178" test_ref="oval:org.mitre.oval:tst:9801"/>
+        </criteria>
+        <criteria operator="AND" comment="winhttp.dll versin 6.0.6001.22323 or later on windows server 2008 sp1 LDR (x86)(x64)(ia64) and windows vista sp1 GDR (x86)(x64)">
+          <criteria operator="OR">
+            <extend_definition comment="Microsoft Windows Vista (32-bit) Service Pack 1 is installed" definition_ref="oval:org.mitre.oval:def:4873"/>
+          </criteria>
+          <criterion comment="system32\winhttp.dll version greater than or equal 6.0.6001.22000" test_ref="oval:org.mitre.oval:tst:9825"/>
+          <criterion comment="system32\winhttp.dll version less than 6.0.6001.22323" test_ref="oval:org.mitre.oval:tst:9119"/>
+        </criteria>
+      </criteria>
+    </definition>
+    <definition id="oval:org.mitre.oval:def:6001" version="1" class="vulnerability">
+      <metadata>
+        <title>Apple iTunes Denial of Service Vulnerability</title>
+        <affected family="windows">
+          <platform>Microsoft Windows XP</platform>
+          <platform>Microsoft Windows Vista</platform>
+          <product>Apple iTunes</product>
+        </affected>
+        <reference source="CVE" ref_id="CVE-2009-0016" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0016"/>
+        <description>Apple iTunes before 8.1 on Windows allows remote attackers to cause a denial of service (infinite loop) via a Digital Audio Access Protocol (DAAP) message with a crafted Content-Length header.</description>
+        <oval_repository>
+          <dates>
+            <submitted date="2009-03-17T10:31:31">
+              <contributor organization="SecPod Technologies">Chandan S</contributor>
+            </submitted>
+            <status_change date="2009-03-23T10:43:53.220-04:00">DRAFT</status_change>
+            <status_change date="2009-04-13T04:00:27.226-04:00">INTERIM</status_change>
+            <status_change date="2009-05-04T04:00:26.020-04:00">ACCEPTED</status_change>
+          </dates>
+          <status>ACCEPTED</status>
+        </oval_repository>
+      </metadata>
+      <criteria operator="OR">
+        <criteria operator="AND">
+          <criteria operator="OR">
+            <extend_definition comment="Microsoft Windows XP (x86) SP2 is installed" definition_ref="oval:org.mitre.oval:def:754"/>
+            <extend_definition comment="Microsoft Windows XP (x86) SP3 is installed" definition_ref="oval:org.mitre.oval:def:5631"/>
+            <extend_definition comment="Microsoft Windows Vista (32-bit) is installed" definition_ref="oval:org.mitre.oval:def:1282"/>
+            <extend_definition comment="Microsoft Windows Vista (32-bit) Service Pack 1 is installed" definition_ref="oval:org.mitre.oval:def:4873"/>
+          </criteria>
+          <criterion comment="iTunes.exe version is less than 8.1.0.51" test_ref="oval:org.mitre.oval:tst:9153"/>
+        </criteria>
+      </criteria>
+    </definition>
+    <definition id="oval:org.mitre.oval:def:5968" version="0" class="vulnerability">
+      <metadata>
+        <title>Memory Corruption Vulnerability (CVE-2009-0238)</title>
+        <affected family="windows">
+          <platform>Microsoft Windows 2000</platform>
+          <platform>Microsoft Windows XP</platform>
+          <platform>Microsoft Windows Server 2003</platform>
+          <platform>Microsoft Windows Vista</platform>
+          <platform>Microsoft Windows Server 2008</platform>
+          <product>Microsoft Excel 2000</product>
+          <product>Microsoft Excel 2002</product>
+          <product>Microsoft Excel 2003</product>
+          <product>Microsoft Excel 2007</product>
+          <product>Microsoft Office Excel Viewer 2003</product>
+          <product>Microsoft Office Excel Viewer</product>
+          <product>Microsoft Office Compatibility Pack</product>
+        </affected>
+        <reference source="CVE" ref_id="CVE-2009-0238" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0238"/>
+        <reference source="Microsoft" ref_id="MS09-009" ref_url="http://www.microsoft.com/technet/security/bulletin/MS09-009.mspx"/>
+        <description>Microsoft Office Excel 2000 SP3, 2002 SP3, 2003 SP3, and 2007 SP1; Excel Viewer 2003 Gold and SP3; Excel Viewer; Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1; and Excel in Microsoft Office 2004 and 2008 for Mac allow remote attackers to execute arbitrary code via a crafted Excel document that triggers an access attempt on an invalid object, as exploited in the wild in February 2009 by Trojan.Mdropper.AC.</description>
+        <oval_repository>
+          <dates>
+            <submitted date="2009-04-14T16:00:00">
+              <contributor organization="Gideon Technologies, Inc.">Kyle Key</contributor>
+            </submitted>
+            <status_change date="2009-04-17T16:45:15.107-04:00">DRAFT</status_change>
+            <status_change date="2009-05-04T04:00:25.139-04:00">INTERIM</status_change>
+          </dates>
+          <status>INTERIM</status>
+        </oval_repository>
+      </metadata>
+      <criteria operator="OR">
+        <criteria operator="AND">
+          <extend_definition comment="Microsoft Excel 2000 is installed" definition_ref="oval:org.mitre.oval:def:758"/>
+          <criterion comment="Excel.exe version is less than 9.0.0.8977" test_ref="oval:org.mitre.oval:tst:9986"/>
+        </criteria>
+        <criteria operator="AND">
+          <extend_definition comment="Microsoft Excel 2002 is installed" definition_ref="oval:org.mitre.oval:def:473"/>
+          <criterion comment="Excel.exe version is less than 10.0.6852.0" test_ref="oval:org.mitre.oval:tst:9874"/>
+        </criteria>
+        <criteria operator="AND">
+          <extend_definition comment="Microsoft Excel 2003 is installed" definition_ref="oval:org.mitre.oval:def:764"/>
+          <criterion comment="Excel.exe version is less than 11.0.8302.0" test_ref="oval:org.mitre.oval:tst:9937"/>
+        </criteria>
+        <criteria operator="AND">
+          <extend_definition comment="Microsoft Excel 2007 is installed" definition_ref="oval:org.mitre.oval:def:1745"/>
+          <criterion comment="Excel.exe version is less than 12.0.6341.5001" test_ref="oval:org.mitre.oval:tst:9740"/>
+        </criteria>
+        <criteria operator="AND">
+          <extend_definition comment="Microsoft Excel Viewer 2003 is installed" definition_ref="oval:org.mitre.oval:def:439"/>
+          <criterion comment="Xlview.exe version is less than 11.0.8302.0" test_ref="oval:org.mitre.oval:tst:9960"/>
+        </criteria>
+        <criteria operator="AND">
+          <extend_definition comment="Microsoft Excel Viewer 2007 is installed" definition_ref="oval:org.mitre.oval:def:6006"/>
+          <criterion comment="XLView.exe version is less than 12.0.6341.5001" test_ref="oval:org.mitre.oval:tst:9715"/>
+        </criteria>
+        <criteria operator="AND">
+          <extend_definition comment="Microsoft Office Compatibility Pack is installed" definition_ref="oval:org.mitre.oval:def:1853"/>
+          <criterion comment="Excelcnv.exe version is less than 12.0.6341.5001" test_ref="oval:org.mitre.oval:tst:9892"/>
+        </criteria>
+      </criteria>
+    </definition>
+    <definition id="oval:org.mitre.oval:def:6006" version="0" class="inventory">
+      <metadata>
+        <title>Microsoft Excel Viewer 2007 is installed</title>
+        <affected family="windows">
+          <platform>Microsoft Windows 2000</platform>
+          <platform>Microsoft Windows XP</platform>
+          <platform>Microsoft Windows Vista</platform>
+          <platform>Microsoft Windows Server 2003</platform>
+          <platform>Microsoft Windows Server 2008</platform>
+        </affected>
+        <description>The application Microsoft Excel Viewer 2007 is installed.</description>
+        <oval_repository>
+          <dates>
+            <submitted date="2009-04-14T16:00:00">
+              <contributor organization="Gideon Technologies, Inc.">Kyle Key</contributor>
+            </submitted>
+            <status_change date="2009-04-17T16:45:11.996-04:00">DRAFT</status_change>
+            <status_change date="2009-05-04T04:00:26.292-04:00">INTERIM</status_change>
+          </dates>
+          <status>INTERIM</status>
+        </oval_repository>
+      </metadata>
+      <criteria>
+        <criterion comment="Excel Viewer 2007 is installed." test_ref="oval:org.mitre.oval:tst:9743"/>
+      </criteria>
+    </definition>
+    <definition id="oval:org.mitre.oval:def:5893" version="0" class="vulnerability">
+      <metadata>
+        <title>WordPad Word 97 Text Converter Stack Overflow Vulnerability</title>
+        <affected family="windows">
+          <platform>Microsoft Windows 2000</platform>
+          <platform>Microsoft Windows XP</platform>
+          <platform>Microsoft Windows Server 2003</platform>
+          <platform>Microsoft Windows Vista</platform>
+        </affected>
+        <reference source="CVE" ref_id="CVE-2009-0235" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0235"/>
+        <reference source="Microsoft" ref_id="MS09-010" ref_url="http://www.microsoft.com/technet/security/bulletin/MS09-010.mspx"/>
+        <description>Stack-based buffer overflow in the Word 97 text converter in WordPad in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2 allows remote attackers to execute arbitrary code via a crafted Word 97 file that triggers memory corruption, related to use of inconsistent integer data sizes for an unspecified length field, aka "WordPad Word 97 Text Converter Stack Overflow Vulnerability."</description>
+        <oval_repository>
+          <dates>
+            <submitted date="2009-04-14T16:00:00">
+              <contributor organization="Gideon Technologies, Inc.">Dragos Prisaca</contributor>
+            </submitted>
+            <status_change date="2009-04-17T16:45:16.149-04:00">DRAFT</status_change>
+            <status_change date="2009-05-04T04:00:23.931-04:00">INTERIM</status_change>
+          </dates>
+          <status>INTERIM</status>
+        </oval_repository>
+      </metadata>
+      <criteria operator="OR">
+        <criteria operator="AND">
+          <extend_definition comment="Microsoft Windows 2000 SP4 or later is installed" definition_ref="oval:org.mitre.oval:def:229"/>
+          <criterion comment="the version of wordpad.exe is less than 5.0.2195.7155" test_ref="oval:org.mitre.oval:tst:9583"/>
+        </criteria>
+        <criteria operator="AND">
+          <extend_definition comment="Microsoft Windows XP (x86) SP2 is installed" definition_ref="oval:org.mitre.oval:def:754"/>
+          <criterion comment="the version of wordpad.exe is less than 5.1.2600.3355" test_ref="oval:org.mitre.oval:tst:9738"/>
+        </criteria>
+        <criteria operator="AND">
+          <extend_definition comment="Microsoft Windows XP (x86) SP3 is installed" definition_ref="oval:org.mitre.oval:def:5631"/>
+          <criterion comment="the version of wordpad.exe is less than 5.1.2600.5584" test_ref="oval:org.mitre.oval:tst:9166"/>
+        </criteria>
+        <criteria operator="AND">
+          <criteria operator="OR">
+            <extend_definition comment="Microsoft Windows XP Professional x64 Edition SP1 is installed" definition_ref="oval:org.mitre.oval:def:720"/>
+            <extend_definition comment="Microsoft Windows Server 2003 SP1 (x64) is installed" definition_ref="oval:org.mitre.oval:def:4386"/>
+            <extend_definition comment="Microsoft Windows Server 2003 SP1 (x86) is installed" definition_ref="oval:org.mitre.oval:def:565"/>
+            <extend_definition comment="Microsoft Windows Server 2003 (ia64) SP1 is installed" definition_ref="oval:org.mitre.oval:def:1205"/>
+          </criteria>
+          <criterion comment="the version of wordpad.exe is less than 5.2.3790.3129" test_ref="oval:org.mitre.oval:tst:9946"/>
+        </criteria>
+        <criteria operator="AND">
+          <criteria operator="OR">
+            <extend_definition comment="Microsoft Windows XP x64 Edition SP2 is installed" definition_ref="oval:org.mitre.oval:def:4193"/>
+            <extend_definition comment="Microsoft Windows Server 2003 SP2 (x64) is installed" definition_ref="oval:org.mitre.oval:def:2161"/>
+            <extend_definition comment="Microsoft Windows Server 2003 SP2 (x86) is installed" definition_ref="oval:org.mitre.oval:def:1935"/>
+            <extend_definition comment="Microsoft Windows Server 2003 (ia64) SP2 is installed" definition_ref="oval:org.mitre.oval:def:1442"/>
+          </criteria>
+          <criterion comment="the version of wordpad.exe is less than 5.2.3790.4282" test_ref="oval:org.mitre.oval:tst:9249"/>
+        </criteria>
+      </criteria>
+    </definition>
+    <definition id="oval:org.mitre.oval:def:5891" version="0" class="vulnerability">
+      <metadata>
+        <title>Windows MSDTC Service Isolation Vulnerability</title>
+        <affected family="windows">
+          <platform>Microsoft Windows 2000</platform>
+          <platform>Microsoft Windows XP</platform>
+          <platform>Microsoft Windows Server 2003</platform>
+          <platform>Microsoft Windows Vista</platform>
+          <platform>Microsoft Windows Server 2008</platform>
+        </affected>
+        <reference source="CVE" ref_id="CVE-2008-1436" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1436"/>
+        <reference source="Microsoft" ref_id="MS09-012" ref_url="http://www.microsoft.com/technet/security/bulletin/MS09-012.mspx"/>
+        <description>Microsoft Windows XP Professional SP2, Vista, and Server 2003 and 2008 does not properly assign activities to the (1) NetworkService and (2) LocalService accounts, which might allow context-dependent attackers to gain privileges by using one service process to capture a resource from a second service process that has a LocalSystem privilege-escalation ability, related to improper management of the SeImpersonatePrivilege user right, as originally reported for Internet Information Services (IIS), aka Token Kidnapping.</description>
+        <oval_repository>
+          <dates>
+            <submitted date="2009-04-14T16:00:00">
+              <contributor organization="Gideon Technologies, Inc.">Dragos Prisaca</contributor>
+            </submitted>
+            <status_change date="2009-04-17T16:45:16.952-04:00">DRAFT</status_change>
+            <status_change date="2009-05-04T04:00:23.068-04:00">INTERIM</status_change>
+          </dates>
+          <status>INTERIM</status>
+        </oval_repository>
+      </metadata>
+      <criteria operator="OR">
+        <criteria operator="AND">
+          <extend_definition comment="Microsoft Windows 2000 SP4 or later is installed" definition_ref="oval:org.mitre.oval:def:229"/>
+          <criterion comment="the version of Msdtcprx.dll is less than 2000.2.3549.0" test_ref="oval:org.mitre.oval:tst:9855"/>
+        </criteria>
+        <criteria operator="AND">
+          <extend_definition comment="Microsoft Windows XP (x86) SP2 is installed" definition_ref="oval:org.mitre.oval:def:754"/>
+          <criterion comment="the version of Msdtcprx.dll is less than 2001.12.4414.320" test_ref="oval:org.mitre.oval:tst:9953"/>
+        </criteria>
+        <criteria operator="AND">
+          <extend_definition comment="Microsoft Windows XP (x86) SP3 is installed" definition_ref="oval:org.mitre.oval:def:5631"/>
+          <criterion comment="the version of Msdtcprx.dll is less than 2001.12.4414.706" test_ref="oval:org.mitre.oval:tst:9475"/>
+        </criteria>
+        <criteria operator="AND">
+          <criteria operator="OR">
+            <extend_definition comment="Microsoft Windows XP Professional x64 Edition SP1 is installed" definition_ref="oval:org.mitre.oval:def:720"/>
+            <extend_definition comment="Microsoft Windows Server 2003 SP1 (x64) is installed" definition_ref="oval:org.mitre.oval:def:4386"/>
+            <extend_definition comment="Microsoft Windows Server 2003 SP1 (x86) is installed" definition_ref="oval:org.mitre.oval:def:565"/>
+            <extend_definition comment="Microsoft Windows Server 2003 (ia64) SP1 is installed" definition_ref="oval:org.mitre.oval:def:1205"/>
+          </criteria>
+          <criterion comment="the version of Msdtcprx.dll is less than 2001.12.4720.3180" test_ref="oval:org.mitre.oval:tst:9983"/>
+        </criteria>
+        <criteria operator="AND">
+          <criteria operator="OR">
+            <extend_definition comment="Microsoft Windows Server 2003 SP2 (x64) is installed" definition_ref="oval:org.mitre.oval:def:2161"/>
+            <extend_definition comment="Microsoft Windows XP x64 Edition SP2 is installed" definition_ref="oval:org.mitre.oval:def:4193"/>
+            <extend_definition comment="Microsoft Windows Server 2003 SP2 (x86) is installed" definition_ref="oval:org.mitre.oval:def:1935"/>
+            <extend_definition comment="Microsoft Windows Server 2003 (ia64) SP2 is installed" definition_ref="oval:org.mitre.oval:def:1442"/>
+          </criteria>
+          <criterion comment="the version of Msdtcprx.dll is less than 2001.12.4720.4340" test_ref="oval:org.mitre.oval:tst:9752"/>
+        </criteria>
+        <criteria operator="AND">
+          <criteria operator="OR">
+            <extend_definition comment="Microsoft Windows Vista (32-bit) is installed" definition_ref="oval:org.mitre.oval:def:1282"/>
+            <extend_definition comment="Microsoft Windows Vista x64 Edition is installed" definition_ref="oval:org.mitre.oval:def:2041"/>
+          </criteria>
+          <criterion comment="the version of Msdtcprx.dll is less than 2001.12.6930.16697" test_ref="oval:org.mitre.oval:tst:9750"/>
+        </criteria>
+        <criteria operator="AND">
+          <criteria operator="OR">
+            <extend_definition comment="Microsoft Windows Vista (32-bit) Service Pack 1 is installed" definition_ref="oval:org.mitre.oval:def:4873"/>
+            <extend_definition comment="Microsoft Windows Vista x64 Edition Service Pack 1 is installed" definition_ref="oval:org.mitre.oval:def:5254"/>
+            <extend_definition comment="Microsoft Windows Server 2008 (32-bit) is installed" definition_ref="oval:org.mitre.oval:def:4870"/>
+            <extend_definition comment="Microsoft Windows Server 2008 x64 Edition is installed" definition_ref="oval:org.mitre.oval:def:5356"/>
+          </criteria>
+          <criterion comment="the version of Msdtcprx.dll is less than 2001.12.6931.18085" test_ref="oval:org.mitre.oval:tst:9824"/>
+        </criteria>
+      </criteria>
+    </definition>
+    <definition id="oval:org.mitre.oval:def:5868" version="1" class="vulnerability">
+      <metadata>
+        <title>Microsoft Malformed BMP Filter Vulnerability</title>
+        <affected family="windows">
+          <platform>Microsoft Windows 2000</platform>
+          <platform>Microsoft Windows XP</platform>
+          <platform>Microsoft Windows Server 2003</platform>
+          <product>Microsoft Office 2000</product>
+          <product>Microsoft Office XP</product>
+          <product>Microsoft Office Project 2002</product>
+          <product>Microsoft Office Converter Pack</product>
+          <product>Microsoft Works</product>
+        </affected>
+        <reference source="CVE" ref_id="CVE-2008-3020" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3020"/>
+        <description>Microsoft Office 2000 SP3 and XP SP3; Office Converter Pack; and Works 8 do not properly parse the length of a BMP file, which allows remote attackers to execute arbitrary code via a crafted BMP file, aka the "Malformed BMP Filter Vulnerability."</description>
+        <oval_repository>
+          <dates>
+            <submitted date="2009-03-16T15:00:00">
+              <contributor organization="Gideon Technologies, Inc.">Dragos Prisaca</contributor>
+            </submitted>
+            <status_change date="2009-03-23T10:43:56.089-04:00">DRAFT</status_change>
+            <status_change date="2009-04-13T04:00:26.567-04:00">INTERIM</status_change>
+            <status_change date="2009-05-04T04:00:22.692-04:00">ACCEPTED</status_change>
+          </dates>
+          <status>ACCEPTED</status>
+        </oval_repository>
+      </metadata>
+      <criteria operator="AND">
+        <criteria operator="OR">
+          <extend_definition comment="Microsoft Office 2000 is installed" definition_ref="oval:org.mitre.oval:def:93"/>
+          <extend_definition comment="Microsoft Office 2002 is installed" definition_ref="oval:org.mitre.oval:def:663"/>
+          <extend_definition comment="Microsoft Project 2002 SP1 is installed" definition_ref="oval:org.mitre.oval:def:707"/>
+          <criterion comment="Office File Converter Pack is Installed" test_ref="oval:org.mitre.oval:tst:8935"/>
+        </criteria>
+        <criterion comment="Gifimp32.flt version is less than 2003.1100.8165.0" test_ref="oval:org.mitre.oval:tst:8744"/>
+      </criteria>
+    </definition>
+    <definition id="oval:org.mitre.oval:def:5799" version="0" class="vulnerability">
+      <metadata>
+        <title>WordPad and Office Text Converter Memory Corruption Vulnerability</title>
+        <affected family="windows">
+          <platform>Microsoft Windows 2000</platform>
+          <platform>Microsoft Windows XP</platform>
+          <platform>Microsoft Windows Server 2003</platform>
+          <platform>Microsoft Windows Vista</platform>
+          <product>Microsoft Word 2000</product>
+          <product>Microsoft Word 2002</product>
+          <product>Microsoft Office Converter Pack</product>
+        </affected>
+        <reference source="CVE" ref_id="CVE-2009-0087" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0087"/>
+        <reference source="Microsoft" ref_id="MS09-010" ref_url="http://www.microsoft.com/technet/security/bulletin/MS09-010.mspx"/>
+        <description>Unspecified vulnerability in the Word 6 text converter in WordPad in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and the Word 6 text converter in Microsoft Office Word 2000 SP3 and 2002 SP3; allows remote attackers to execute arbitrary code via a crafted Word 6 file that contains malformed data, aka "WordPad and Office Text Converter Memory Corruption Vulnerability."</description>
+        <oval_repository>
+          <dates>
+            <submitted date="2009-04-14T16:00:00">
+              <contributor organization="Gideon Technologies, Inc.">Dragos Prisaca</contributor>
+            </submitted>
+            <status_change date="2009-04-17T16:45:20.105-04:00">DRAFT</status_change>
+            <status_change date="2009-05-04T04:00:21.138-04:00">INTERIM</status_change>
+          </dates>
+          <status>INTERIM</status>
+        </oval_repository>
+      </metadata>
+      <criteria operator="OR">
+        <criteria operator="AND">
+          <extend_definition comment="Microsoft Windows 2000 SP4 or later is installed" definition_ref="oval:org.mitre.oval:def:229"/>
+          <criterion comment="the version of wordpad.exe is less than 5.0.2195.7155" test_ref="oval:org.mitre.oval:tst:9583"/>
+        </criteria>
+        <criteria operator="AND">
+          <extend_definition comment="Microsoft Windows XP (x86) SP2 is installed" definition_ref="oval:org.mitre.oval:def:754"/>
+          <criterion comment="the version of wordpad.exe is less than 5.1.2600.3355" test_ref="oval:org.mitre.oval:tst:9738"/>
+        </criteria>
+        <criteria operator="AND">
+          <extend_definition comment="Microsoft Windows XP (x86) SP3 is installed" definition_ref="oval:org.mitre.oval:def:5631"/>
+          <criterion comment="the version of wordpad.exe is less than 5.1.2600.5584" test_ref="oval:org.mitre.oval:tst:9166"/>
+        </criteria>
+        <criteria operator="AND">
+          <criteria operator="OR">
+            <extend_definition comment="Microsoft Windows XP Professional x64 Edition SP1 is installed" definition_ref="oval:org.mitre.oval:def:720"/>
+            <extend_definition comment="Microsoft Windows Server 2003 SP1 (x64) is installed" definition_ref="oval:org.mitre.oval:def:4386"/>
+            <extend_definition comment="Microsoft Windows Server 2003 SP1 (x86) is installed" definition_ref="oval:org.mitre.oval:def:565"/>
+            <extend_definition comment="Microsoft Windows Server 2003 (ia64) SP1 is installed" definition_ref="oval:org.mitre.oval:def:1205"/>
+          </criteria>
+          <criterion comment="the version of wordpad.exe is less than 5.2.3790.3129" test_ref="oval:org.mitre.oval:tst:9946"/>
+        </criteria>
+        <criteria operator="AND">
+          <criteria operator="OR">
+            <extend_definition comment="Microsoft Windows XP x64 Edition SP2 is installed" definition_ref="oval:org.mitre.oval:def:4193"/>
+            <extend_definition comment="Microsoft Windows Server 2003 SP2 (x64) is installed" definition_ref="oval:org.mitre.oval:def:2161"/>
+            <extend_definition comment="Microsoft Windows Server 2003 SP2 (x86) is installed" definition_ref="oval:org.mitre.oval:def:1935"/>
+            <extend_definition comment="Microsoft Windows Server 2003 (ia64) SP2 is installed" definition_ref="oval:org.mitre.oval:def:1442"/>
+          </criteria>
+          <criterion comment="the version of wordpad.exe is less than 5.2.3790.4282" test_ref="oval:org.mitre.oval:tst:9249"/>
+        </criteria>
+        <criteria operator="AND">
+          <criteria operator="OR">
+            <extend_definition comment="Microsoft Word 2000 is installed" definition_ref="oval:org.mitre.oval:def:455"/>
+            <extend_definition comment="Microsoft Word 2002 is installed" definition_ref="oval:org.mitre.oval:def:973"/>
+            <criterion comment="Office File Converter Pack is Installed" test_ref="oval:org.mitre.oval:tst:8935"/>
+          </criteria>
+          <criterion comment="the version of msconv97.dll is less than 2003.1100.8202.0" test_ref="oval:org.mitre.oval:tst:9623"/>
+        </criteria>
+      </criteria>
+    </definition>
+    <definition id="oval:org.mitre.oval:def:5782" version="0" class="vulnerability">
+      <metadata>
+        <title>Blended Threat Elevation of Privilege Vulnerability</title>
+        <affected family="windows">
+          <platform>Microsoft Windows 2000</platform>
+          <platform>Microsoft Windows XP</platform>
+          <platform>Microsoft Windows Server 2003</platform>
+          <platform>Microsoft Windows Vista</platform>
+          <platform>Microsoft Windows Server 2008</platform>
+        </affected>
+        <reference source="CVE" ref_id="CVE-2008-2540" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2540"/>
+        <reference source="Microsoft" ref_id="MS09-015" ref_url="http://www.microsoft.com/technet/security/bulletin/MS09-015.mspx"/>
+        <description>Apple Safari on Mac OS X, and before 3.1.2 on Windows, does not prompt the user before downloading an object that has an unrecognized content type, which allows remote attackers to place malware into the (1) Desktop directory on Windows or (2) Downloads directory on Mac OS X, aka a "Carpet Bomb," a different issue than CVE-2008-1032. NOTE: Apple considers this a vulnerability only because of certain behavior of the Windows desktop and, as of 20080619, has not covered the issue in an advisory for Mac OS X.  NOTE: Microsoft describes the issue on the Windows platform as "a blended threat that allows remote code execution."</description>
+        <oval_repository>
+          <dates>
+            <submitted date="2009-04-14T16:00:00">
+              <contributor organization="Gideon Technologies, Inc.">Dragos Prisaca</contributor>
+            </submitted>
+            <status_change date="2009-04-17T16:45:23.353-04:00">DRAFT</status_change>
+            <status_change date="2009-05-04T04:00:19.771-04:00">INTERIM</status_change>
+          </dates>
+          <status>INTERIM</status>
+        </oval_repository>
+      </metadata>
+      <criteria operator="OR">
+        <criteria operator="AND">
+          <extend_definition comment="Microsoft Windows 2000 SP4 or later is installed" definition_ref="oval:org.mitre.oval:def:229"/>
+          <criterion comment="The version of Secur32.dll is less than 5.0.2195.7244" test_ref="oval:org.mitre.oval:tst:9587"/>
+        </criteria>
+        <criteria operator="AND">
+          <extend_definition comment="Microsoft Windows XP (x86) SP2 is installed" definition_ref="oval:org.mitre.oval:def:754"/>
+          <criterion comment="The version of Kernel32.dll is less than 5.1.2600.3541" test_ref="oval:org.mitre.oval:tst:10006"/>
+        </criteria>
+        <criteria operator="AND">
+          <extend_definition comment="Microsoft Windows XP (x86) SP3 is installed" definition_ref="oval:org.mitre.oval:def:5631"/>
+          <criterion comment="The version of Kernel32.dll is less than 5.1.2600.5781" test_ref="oval:org.mitre.oval:tst:9945"/>
+        </criteria>
+        <criteria operator="AND">
+          <criteria operator="OR">
+            <extend_definition comment="Microsoft Windows XP Professional x64 Edition SP1 is installed" definition_ref="oval:org.mitre.oval:def:720"/>
+            <extend_definition comment="Microsoft Windows Server 2003 SP1 (x64) is installed" definition_ref="oval:org.mitre.oval:def:4386"/>
+            <extend_definition comment="Microsoft Windows Server 2003 SP1 (x86) is installed" definition_ref="oval:org.mitre.oval:def:565"/>
+            <extend_definition comment="Microsoft Windows Server 2003 (ia64) SP1 is installed" definition_ref="oval:org.mitre.oval:def:1205"/>
+          </criteria>
+          <criterion comment="The version of Kernel32.dll is less than 5.2.3790.3311" test_ref="oval:org.mitre.oval:tst:9886"/>
+        </criteria>
+        <criteria operator="AND">
+          <criteria operator="OR">
+            <extend_definition comment="Microsoft Windows XP x64 Edition SP2 is installed" definition_ref="oval:org.mitre.oval:def:4193"/>
+            <extend_definition comment="Microsoft Windows Server 2003 SP2 (x64) is installed" definition_ref="oval:org.mitre.oval:def:2161"/>
+            <extend_definition comment="Microsoft Windows Server 2003 SP2 (x86) is installed" definition_ref="oval:org.mitre.oval:def:1935"/>
+            <extend_definition comment="Microsoft Windows Server 2003 (ia64) SP2 is installed" definition_ref="oval:org.mitre.oval:def:1442"/>
+          </criteria>
+          <criterion comment="The version of Kernel32.dll is less than 5.2.3790.4480" test_ref="oval:org.mitre.oval:tst:10168"/>
+        </criteria>
+        <criteria operator="AND">
+          <criteria operator="OR">
+            <extend_definition comment="Microsoft Windows Vista (32-bit) is installed" definition_ref="oval:org.mitre.oval:def:1282"/>
+            <extend_definition comment="Microsoft Windows Vista x64 Edition is installed" definition_ref="oval:org.mitre.oval:def:2041"/>
+          </criteria>
+          <criterion comment="the version of Kernel32.dll is greater than or equal 6.0.6000.16000" test_ref="oval:org.mitre.oval:tst:9719"/>
+          <criterion comment="The version of Kernel32.dll is less than 6.0.6000.16820" test_ref="oval:org.mitre.oval:tst:10016"/>
+        </criteria>
+        <criteria operator="AND">
+          <criteria operator="OR">
+            <extend_definition comment="Microsoft Windows Vista (32-bit) is installed" definition_ref="oval:org.mitre.oval:def:1282"/>
+            <extend_definition comment="Microsoft Windows Vista x64 Edition is installed" definition_ref="oval:org.mitre.oval:def:2041"/>
+          </criteria>
+          <criterion comment="the version of Kernel32.dll is greater than or equal 6.0.6000.20000" test_ref="oval:org.mitre.oval:tst:9980"/>
+          <criterion comment="The version of Kernel32.dll is less than 6.0.6000.21010" test_ref="oval:org.mitre.oval:tst:9775"/>
+        </criteria>
+        <criteria operator="AND">
+          <criteria operator="OR">
+            <extend_definition comment="Microsoft Windows Vista (32-bit) Service Pack 1 is installed" definition_ref="oval:org.mitre.oval:def:4873"/>
+            <extend_definition comment="Microsoft Windows Vista x64 Edition Service Pack 1 is installed" definition_ref="oval:org.mitre.oval:def:5254"/>
+            <extend_definition comment="Microsoft Windows Server 2008 (32-bit) is installed" definition_ref="oval:org.mitre.oval:def:4870"/>
+            <extend_definition comment="Microsoft Windows Server 2008 x64 Edition is installed" definition_ref="oval:org.mitre.oval:def:5356"/>
+            <extend_definition comment="Microsoft Windows Server 2008 Itanium-Based Edition is installed" definition_ref="oval:org.mitre.oval:def:5667"/>
+          </criteria>
+          <criterion comment="the version of Kernel32.dll is greater than or equal 6.0.6001.18000" test_ref="oval:org.mitre.oval:tst:9932"/>
+          <criterion comment="The version of Kernel32.dll is less than 6.0.6001.18215" test_ref="oval:org.mitre.oval:tst:10000"/>
+        </criteria>
+        <criteria operator="AND">
+          <criteria operator="OR">
+            <extend_definition comment="Microsoft Windows Vista (32-bit) Service Pack 1 is installed" definition_ref="oval:org.mitre.oval:def:4873"/>
+            <extend_definition comment="Microsoft Windows Vista x64 Edition Service Pack 1 is installed" definition_ref="oval:org.mitre.oval:def:5254"/>
+            <extend_definition comment="Microsoft Windows Server 2008 (32-bit) is installed" definition_ref="oval:org.mitre.oval:def:4870"/>
+            <extend_definition comment="Microsoft Windows Server 2008 x64 Edition is installed" definition_ref="oval:org.mitre.oval:def:5356"/>
+            <extend_definition comment="Microsoft Windows Server 2008 Itanium-Based Edition is installed" definition_ref="oval:org.mitre.oval:def:5667"/>
+          </criteria>
+          <criterion comment="the version of Kernel32.dll is greater than or equal 6.0.6001.22000" test_ref="oval:org.mitre.oval:tst:9167"/>
+          <criterion comment="The version of Kernel32.dll is less than 6.0.6001.22376" test_ref="oval:org.mitre.oval:tst:9936"/>
+        </criteria>
+      </criteria>
+    </definition>
+    <definition id="oval:org.mitre.oval:def:5771" version="0" class="vulnerability">
+      <metadata>
+        <title>Cross-Site Scripting Vulnerability</title>
+        <affected family="windows">
+          <platform>Microsoft Windows 2000</platform>
+          <platform>Microsoft Windows Server 2003</platform>
+          <product>Microsoft Forefront Threat Management Gateway</product>
+          <product>Microsoft Internet Security and Acceleration Server 2006</product>
+        </affected>
+        <reference source="CVE" ref_id="CVE-2009-0237" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0237"/>
+        <reference source="Microsoft" ref_id="MS09-016" ref_url="http://www.microsoft.com/technet/security/bulletin/MS09-016.mspx"/>
+        <description>Cross-site scripting (XSS) vulnerability in cookieauth.dll in the HTML forms authentication component in Microsoft Forefront Threat Management Gateway, Medium Business Edition (TMG MBE); and Internet Security and Acceleration (ISA) Server 2006, 2006 Supportability Update, and 2006 SP1; allows remote attackers to inject arbitrary web script or HTML via "authentication input" to this component, aka "Cross-Site Scripting Vulnerability."</description>
+        <oval_repository>
+          <dates>
+            <submitted date="2009-04-14T16:00:00">
+              <contributor organization="Gideon Technologies, Inc.">Dragos Prisaca</contributor>
+            </submitted>
+            <status_change date="2009-04-17T16:45:24.912-04:00">DRAFT</status_change>
+            <status_change date="2009-05-04T04:00:18.875-04:00">INTERIM</status_change>
+          </dates>
+          <status>INTERIM</status>
+        </oval_repository>
+      </metadata>
+      <criteria operator="OR">
+        <criteria operator="AND" comment="ISA Server 2006">
+          <extend_definition comment="Microsoft Internet Security and Acceleration Server 2006" definition_ref="oval:org.mitre.oval:def:6052"/>
+          <criterion comment="the version of wspsrv.exe is greater than or equal 5.0.5720.100" test_ref="oval:org.mitre.oval:tst:9920"/>
+          <criterion comment="the version of wspsrv.exe is less than 5.0.5720.172" test_ref="oval:org.mitre.oval:tst:9772"/>
+        </criteria>
+        <criteria operator="AND" comment="ISA Server 2006 with the Supportability Update installed">
+          <extend_definition comment="Microsoft Internet Security and Acceleration Server 2006" definition_ref="oval:org.mitre.oval:def:6052"/>
+          <criterion comment="the version of wspsrv.exe is greater than or equal 5.0.5721.240" test_ref="oval:org.mitre.oval:tst:9815"/>
+          <criterion comment="the version of wspsrv.exe is less than 5.0.5721.261" test_ref="oval:org.mitre.oval:tst:9875"/>
+        </criteria>
+        <criteria operator="AND" comment="ISA Server 2006 with Service Pack 1 installed">
+          <extend_definition comment="Microsoft Internet Security and Acceleration Server 2006" definition_ref="oval:org.mitre.oval:def:6052"/>
+          <criterion comment="the version of wspsrv.exe is greater than or equal 5.0.5723.493" test_ref="oval:org.mitre.oval:tst:10021"/>
+          <criterion comment="the version of wspsrv.exe is less than 5.0.5723.511" test_ref="oval:org.mitre.oval:tst:9597"/>
+        </criteria>
+      </criteria>
+    </definition>
+    <definition id="oval:org.mitre.oval:def:6052" version="0" class="inventory">
+      <metadata>
+        <title>Microsoft Internet Security and Acceleration Server 2006</title>
+        <affected family="windows">
+          <platform>Microsoft Windows 2000</platform>
+          <platform>Microsoft Windows Server 2003</platform>
+          <product>Microsoft Internet Security and Acceleration Server 2006</product>
+        </affected>
+        <reference source="CPE" ref_id="cpe:/a:microsoft:isa_server:2006"/>
+        <description>Microsoft Internet Security and Acceleration Server 2006 is installed.</description>
+        <oval_repository>
+          <dates>
+            <submitted date="2009-04-14T16:00:00">
+              <contributor organization="Gideon Technologies, Inc.">Dragos Prisaca</contributor>
+            </submitted>
+            <status_change date="2009-04-17T16:45:00.589-04:00">DRAFT</status_change>
+            <status_change date="2009-05-04T04:00:28.826-04:00">INTERIM</status_change>
+          </dates>
+          <status>INTERIM</status>
+        </oval_repository>
+      </metadata>
+      <criteria>
+        <criterion comment="Microsoft Internet Security and Acceleration Server 2006 is installed" test_ref="oval:org.mitre.oval:tst:10093"/>
+      </criteria>
+    </definition>
+    <definition id="oval:org.mitre.oval:def:5736" version="0" class="vulnerability">
+      <metadata>
+        <title>Word 2000 WordPerfect 6.x Converter Stack Corruption Vulnerability</title>
+        <affected family="windows">
+          <platform>Microsoft Windows 2000</platform>
+          <platform>Microsoft Windows XP</platform>
+          <platform>Microsoft Windows Server 2003</platform>
+          <platform>Microsoft Windows Vista</platform>
+          <product>Microsoft Word 2000</product>
+          <product>Microsoft Office Converter Pack</product>
+        </affected>
+        <reference source="CVE" ref_id="CVE-2009-0088" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0088"/>
+        <reference source="Microsoft" ref_id="MS09-010" ref_url="http://www.microsoft.com/technet/security/bulletin/MS09-010.mspx"/>
+        <description>The WordPerfect 6.x Converter in Microsoft Office Word 2000 SP3 and Microsoft Office Converter Pack does not properly validate the length of an unspecified string, which allows remote attackers to execute arbitrary code via a crafted WordPerfect 6.x file, aka "Word 2000 WordPerfect 6.x Converter Stack Corruption Vulnerability."</description>
+        <oval_repository>
+          <dates>
+            <submitted date="2009-04-14T16:00:00">
+              <contributor organization="Gideon Technologies, Inc.">Dragos Prisaca</contributor>
+            </submitted>
+            <status_change date="2009-04-17T16:45:25.743-04:00">DRAFT</status_change>
+            <status_change date="2009-05-04T04:00:17.990-04:00">INTERIM</status_change>
+          </dates>
+          <status>INTERIM</status>
+        </oval_repository>
+      </metadata>
+      <criteria operator="AND">
+        <criteria operator="OR">
+          <extend_definition comment="Microsoft Word 2000 is installed" definition_ref="oval:org.mitre.oval:def:455"/>
+          <criterion comment="Office File Converter Pack is Installed" test_ref="oval:org.mitre.oval:tst:8935"/>
+        </criteria>
+        <criterion comment="the version of msconv97.dll is less than 2003.1100.8202.0" test_ref="oval:org.mitre.oval:tst:9623"/>
+      </criteria>
+    </definition>
+    <definition id="oval:org.mitre.oval:def:5723" version="0" class="vulnerability">
+      <metadata>
+        <title>Uninitialized Memory Corruption Vulnerability (CVE-2009-0554)</title>
+        <affected family="windows">
+          <platform>Microsoft Windows 2000</platform>
+          <platform>Microsoft Windows XP</platform>
+          <platform>Microsoft Windows Server 2003</platform>
+          <platform>Microsoft Windows Vista</platform>
+          <platform>Microsoft Windows Server 2008</platform>
+          <product>Internet Explorer</product>
+        </affected>
+        <reference source="CVE" ref_id="CVE-2009-0554" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0554"/>
+        <reference source="Microsoft" ref_id="MS09-014" ref_url="http://www.microsoft.com/technet/security/bulletin/MS09-014.mspx"/>
+        <description>Microsoft Internet Explorer 5.01 SP4, 6 SP1, 6 and 7 on Windows XP SP2 and SP3, 6 and 7 on Windows Server 2003 SP1 and SP2, 7 on Windows Vista Gold and SP1, and 7 on Windows Server 2008 allows remote attackers to execute arbitrary code via a web page that triggers presence of an object in memory that was (1) not properly initialized or (2) deleted, aka "Uninitialized Memory Corruption Vulnerability."</description>
+        <oval_repository>
+          <dates>
+            <submitted date="2009-04-14T16:00:00">
+              <contributor organization="Gideon Technologies, Inc.">Dragos Prisaca</contributor>
+            </submitted>
+            <status_change date="2009-04-17T16:45:26.673-04:00">DRAFT</status_change>
+            <status_change date="2009-05-04T04:00:15.073-04:00">INTERIM</status_change>
+          </dates>
+          <status>INTERIM</status>
+        </oval_repository>
+      </metadata>
+      <criteria operator="OR">
+        <criteria operator="AND">
+          <extend_definition comment="Microsoft Windows 2000 SP4 or later is installed" definition_ref="oval:org.mitre.oval:def:229"/>
+          <extend_definition comment="Microsoft Internet Explorer 5.01 SP4 is installed" definition_ref="oval:org.mitre.oval:def:325"/>
+          <criterion comment="Mshtml.dll version is less than 5.0.3874.1900" test_ref="oval:org.mitre.oval:tst:9783"/>
+        </criteria>
+        <criteria operator="AND">
+          <extend_definition comment="Microsoft Windows 2000 SP4 or later is installed" definition_ref="oval:org.mitre.oval:def:229"/>
+          <extend_definition comment="Microsoft Internet Explorer 6 is installed" definition_ref="oval:org.mitre.oval:def:563"/>
+          <criterion comment="Mshtml.dll version is less than 6.0.2800.1625" test_ref="oval:org.mitre.oval:tst:9684"/>
+        </criteria>
+        <criteria operator="AND">
+          <extend_definition comment="Microsoft Windows XP SP2 is installed" definition_ref="oval:org.mitre.oval:def:521"/>
+          <extend_definition comment="Microsoft Internet Explorer 6 is installed" definition_ref="oval:org.mitre.oval:def:563"/>
+          <criterion comment="Mshtml.dll version is less than 6.0.2900.3527" test_ref="oval:org.mitre.oval:tst:9744"/>
+        </criteria>
+        <criteria operator="AND">
+          <extend_definition comment="Microsoft Windows XP (x86) SP3 is installed" definition_ref="oval:org.mitre.oval:def:5631"/>
+          <extend_definition comment="Microsoft Internet Explorer 6 is installed" definition_ref="oval:org.mitre.oval:def:563"/>
+          <criterion comment="Mshtml.dll version is less than 6.0.2900.5764" test_ref="oval:org.mitre.oval:tst:9622"/>
+        </criteria>
+        <criteria operator="AND">
+          <extend_definition comment="Microsoft Windows Server 2003 SP1 (x86) is installed" definition_ref="oval:org.mitre.oval:def:565"/>
+          <extend_definition comment="Microsoft Internet Explorer 6 is installed" definition_ref="oval:org.mitre.oval:def:563"/>
+          <criterion comment="Mshtml.dll version is less than 6.0.3790.3304" test_ref="oval:org.mitre.oval:tst:9395"/>
+        </criteria>
+        <criteria operator="AND">
+          <extend_definition comment="Microsoft Windows Server 2003 SP2 (x86) is installed" definition_ref="oval:org.mitre.oval:def:1935"/>
+          <extend_definition comment="Microsoft Internet Explorer 6 is installed" definition_ref="oval:org.mitre.oval:def:563"/>
+          <criterion comment="Mshtml.dll version is less than 6.0.3790.4470" test_ref="oval:org.mitre.oval:tst:9788"/>
+        </criteria>
+        <criteria operator="AND">
+          <criteria operator="OR">
+            <extend_definition comment="Microsoft Windows XP Professional x64 Edition SP1 is installed" definition_ref="oval:org.mitre.oval:def:720"/>
+            <extend_definition comment="Microsoft Windows Server 2003 SP1 (x64) is installed" definition_ref="oval:org.mitre.oval:def:4386"/>
+          </criteria>
+          <extend_definition comment="Microsoft Internet Explorer 6 is installed" definition_ref="oval:org.mitre.oval:def:563"/>
+          <criterion comment="Mshtml.dll version is less than 6.0.3790.3304" test_ref="oval:org.mitre.oval:tst:9395"/>
+        </criteria>
+        <criteria operator="AND">
+          <criteria operator="OR">
+            <extend_definition comment="Microsoft Windows XP x64 Edition SP2 is installed" definition_ref="oval:org.mitre.oval:def:4193"/>
+            <extend_definition comment="Microsoft Windows Server 2003 SP2 (x64) is installed" definition_ref="oval:org.mitre.oval:def:2161"/>
+          </criteria>
+          <extend_definition comment="Microsoft Internet Explorer 6 is installed" definition_ref="oval:org.mitre.oval:def:563"/>
+          <criterion comment="Mshtml.dll version is less than 6.0.3790.4470" test_ref="oval:org.mitre.oval:tst:9788"/>
+        </criteria>
+        <criteria operator="AND">
+          <extend_definition comment="Microsoft Windows Server 2003 (ia64) SP1 is installed" definition_ref="oval:org.mitre.oval:def:1205"/>
+          <extend_definition comment="Microsoft Internet Explorer 6 is installed" definition_ref="oval:org.mitre.oval:def:563"/>
+          <criterion comment="Mshtml.dll version is less than 6.0.3790.3304" test_ref="oval:org.mitre.oval:tst:9395"/>
+        </criteria>
+        <criteria operator="AND">
+          <extend_definition comment="Microsoft Windows Server 2003 (ia64) SP2 is installed" definition_ref="oval:org.mitre.oval:def:1442"/>
+          <extend_definition comment="Microsoft Internet Explorer 6 is installed" definition_ref="oval:org.mitre.oval:def:563"/>
+          <criterion comment="Mshtml.dll version is less than 6.0.3790.4470" test_ref="oval:org.mitre.oval:tst:9788"/>
+        </criteria>
+        <criteria operator="AND">
+          <criteria operator="OR">
+            <extend_definition comment="Microsoft Windows XP (x86) SP2 is installed" definition_ref="oval:org.mitre.oval:def:754"/>
+            <extend_definition comment="Microsoft Windows XP (x86) SP3 is installed" definition_ref="oval:org.mitre.oval:def:5631"/>
+            <extend_definition comment="Microsoft Windows XP Professional x64 Edition SP1 is installed" definition_ref="oval:org.mitre.oval:def:720"/>
+            <extend_definition comment="Microsoft Windows XP x64 Edition SP2 is installed" definition_ref="oval:org.mitre.oval:def:4193"/>
+          </criteria>
+          <extend_definition comment="Microsoft Internet Explorer 7 is installed" definition_ref="oval:org.mitre.oval:def:627"/>
+          <criterion comment="Mshtml.dll version is greater than 7.0.6000.16000" test_ref="oval:org.mitre.oval:tst:9392"/>
+          <criterion comment="Mshtml.dll version is less than 7.0.6000.16825" test_ref="oval:org.mitre.oval:tst:9976"/>
+        </criteria>
+        <criteria operator="AND">
+          <criteria operator="OR">
+            <extend_definition comment="Microsoft Windows XP (x86) SP2 is installed" definition_ref="oval:org.mitre.oval:def:754"/>
+            <extend_definition comment="Microsoft Windows XP (x86) SP3 is installed" definition_ref="oval:org.mitre.oval:def:5631"/>
+            <extend_definition comment="Microsoft Windows XP Professional x64 Edition SP1 is installed" definition_ref="oval:org.mitre.oval:def:720"/>
+            <extend_definition comment="Microsoft Windows XP x64 Edition SP2 is installed" definition_ref="oval:org.mitre.oval:def:4193"/>
+          </criteria>
+          <extend_definition comment="Microsoft Internet Explorer 7 is installed" definition_ref="oval:org.mitre.oval:def:627"/>
+          <criterion comment="Mshtml.dll version is greater than 7.0.6000.20000" test_ref="oval:org.mitre.oval:tst:9441"/>
+          <criterion comment="Mshtml.dll version is less than 7.0.6000.21015" test_ref="oval:org.mitre.oval:tst:9705"/>
+        </criteria>
+        <criteria operator="AND">
+          <criteria operator="OR">
+            <extend_definition comment="Microsoft Windows Server 2003 SP1 (x86) is installed" definition_ref="oval:org.mitre.oval:def:565"/>
+            <extend_definition comment="Microsoft Windows Server 2003 SP2 (x86) is installed" definition_ref="oval:org.mitre.oval:def:1935"/>
+            <extend_definition comment="Microsoft Windows Server 2003 SP1 (x64) is installed" definition_ref="oval:org.mitre.oval:def:4386"/>
+            <extend_definition comment="Microsoft Windows Server 2003 SP2 (x64) is installed" definition_ref="oval:org.mitre.oval:def:2161"/>
+            <extend_definition comment="Microsoft Windows Server 2003 (ia64) SP1 is installed" definition_ref="oval:org.mitre.oval:def:1205"/>
+            <extend_definition comment="Microsoft Windows Server 2003 (ia64) SP2 is installed" definition_ref="oval:org.mitre.oval:def:1442"/>
+          </criteria>
+          <extend_definition comment="Microsoft Internet Explorer 7 is installed" definition_ref="oval:org.mitre.oval:def:627"/>
+          <criterion comment="Mshtml.dll version is greater than 7.0.6000.16000" test_ref="oval:org.mitre.oval:tst:9392"/>
+          <criterion comment="Mshtml.dll version is less than 7.0.6000.16825" test_ref="oval:org.mitre.oval:tst:9976"/>
+        </criteria>
+        <criteria operator="AND">
+          <criteria operator="OR">
+            <extend_definition comment="Microsoft Windows Server 2003 SP1 (x86) is installed" definition_ref="oval:org.mitre.oval:def:565"/>
+            <extend_definition comment="Microsoft Windows Server 2003 SP2 (x86) is installed" definition_ref="oval:org.mitre.oval:def:1935"/>
+            <extend_definition comment="Microsoft Windows Server 2003 SP1 (x64) is installed" definition_ref="oval:org.mitre.oval:def:4386"/>
+            <extend_definition comment="Microsoft Windows Server 2003 SP2 (x64) is installed" definition_ref="oval:org.mitre.oval:def:2161"/>
+            <extend_definition comment="Microsoft Windows Server 2003 (ia64) SP1 is installed" definition_ref="oval:org.mitre.oval:def:1205"/>
+            <extend_definition comment="Microsoft Windows Server 2003 (ia64) SP2 is installed" definition_ref="oval:org.mitre.oval:def:1442"/>
+          </criteria>
+          <extend_definition comment="Microsoft Internet Explorer 7 is installed" definition_ref="oval:org.mitre.oval:def:627"/>
+          <criterion comment="Mshtml.dll version is greater than 7.0.6000.20000" test_ref="oval:org.mitre.oval:tst:9441"/>
+          <criterion comment="Mshtml.dll version is less than 7.0.6000.21015" test_ref="oval:org.mitre.oval:tst:9705"/>
+        </criteria>
+        <criteria operator="AND">
+          <criteria operator="OR">
+            <extend_definition comment="Microsoft Windows Vista (32-bit) is installed" definition_ref="oval:org.mitre.oval:def:1282"/>
+            <extend_definition comment="Microsoft Windows Vista x64 Edition is installed" definition_ref="oval:org.mitre.oval:def:2041"/>
+          </criteria>
+          <criterion comment="Mshtml.dll version is greater than 7.0.6000.16000" test_ref="oval:org.mitre.oval:tst:9392"/>
+          <criterion comment="Mshtml.dll version is less than 7.0.6000.16830" test_ref="oval:org.mitre.oval:tst:9688"/>
+        </criteria>
+        <criteria operator="AND">
+          <criteria operator="OR">
+            <extend_definition comment="Microsoft Windows Vista (32-bit) is installed" definition_ref="oval:org.mitre.oval:def:1282"/>
+            <extend_definition comment="Microsoft Windows Vista x64 Edition is installed" definition_ref="oval:org.mitre.oval:def:2041"/>
+          </criteria>
+          <criterion comment="Mshtml.dll version is greater than 7.0.6000.20000" test_ref="oval:org.mitre.oval:tst:9441"/>
+          <criterion comment="Mshtml.dll version is less than 7.0.6000.21023" test_ref="oval:org.mitre.oval:tst:10115"/>
+        </criteria>
+        <criteria operator="AND">
+          <criteria operator="OR">
+            <extend_definition comment="Microsoft Windows Vista (32-bit) Service Pack 1 is installed" definition_ref="oval:org.mitre.oval:def:4873"/>
+            <extend_definition comment="Microsoft Windows Vista x64 Edition Service Pack 1 is installed" definition_ref="oval:org.mitre.oval:def:5254"/>
+            <extend_definition comment="Microsoft Windows Server 2008 (32-bit) is installed" definition_ref="oval:org.mitre.oval:def:4870"/>
+            <extend_definition comment="Microsoft Windows Server 2008 x64 Edition is installed" definition_ref="oval:org.mitre.oval:def:5356"/>
+            <extend_definition comment="Microsoft Windows Server 2008 Itanium-Based Edition is installed" definition_ref="oval:org.mitre.oval:def:5667"/>
+          </criteria>
+          <criterion comment="Mshtml.dll version is greater than 7.0.6001.16000" test_ref="oval:org.mitre.oval:tst:9444"/>
+          <criterion comment="Mshtml.dll version is less than 7.0.6001.18226" test_ref="oval:org.mitre.oval:tst:10150"/>
+        </criteria>
+        <criteria operator="AND">
+          <criteria operator="OR">
+            <extend_definition comment="Microsoft Windows Vista (32-bit) Service Pack 1 is installed" definition_ref="oval:org.mitre.oval:def:4873"/>
+            <extend_definition comment="Microsoft Windows Vista x64 Edition Service Pack 1 is installed" definition_ref="oval:org.mitre.oval:def:5254"/>
+            <extend_definition comment="Microsoft Windows Server 2008 (32-bit) is installed" definition_ref="oval:org.mitre.oval:def:4870"/>
+            <extend_definition comment="Microsoft Windows Server 2008 x64 Edition is installed" definition_ref="oval:org.mitre.oval:def:5356"/>
+            <extend_definition comment="Microsoft Windows Server 2008 Itanium-Based Edition is installed" definition_ref="oval:org.mitre.oval:def:5667"/>
+          </criteria>
+          <criterion comment="Mshtml.dll version is greater than 7.0.6001.20000" test_ref="oval:org.mitre.oval:tst:9375"/>
+          <criterion comment="Mshtml.dll version is less than 7.0.6001.22389" test_ref="oval:org.mitre.oval:tst:10005"/>
+        </criteria>
+      </criteria>
+    </definition>
+    <definition id="oval:org.mitre.oval:def:5618" version="0" class="vulnerability">
+      <metadata>
+        <title>MJPEG Decompression Vulnerability (CVE-2009-0084)</title>
+        <affected family="windows">
+          <platform>Microsoft Windows 2000</platform>
+          <platform>Microsoft Windows XP</platform>
+          <platform>Microsoft Windows Server 2003</platform>
+          <product>DirectX</product>
+        </affected>
+        <reference source="CVE" ref_id="CVE-2009-0084" ref_url="http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0084"/>
+        <reference source="Microsoft" ref_id="MS09-011" ref_url="http://www.microsoft.com/technet/security/Bulletin/ms09-011.mspx"/>
+        <description>Use after free vulnerability in DirectShow in Microsoft DirectX 8.1 and 9.0 allows remote attackers to execute arbitrary code via an MJPEG file or video stream with a malformed Huffman table, which triggers an exception that frees heap memory that is later accessed, aka "MJPEG Decompression Vulnerability."</description>
+        <oval_repository>
+          <dates>
+            <submitted date="2009-04-14T16:00:00">
+              <contributor organization="Gideon Technologies, Inc.">Kyle Key</contributor>
+            </submitted>
+            <status_change date="2009-04-17T16:45:30.967-04:00">DRAFT</status_change>
+            <status_change date="2009-05-04T04:00:13.110-04:00">INTERIM</status_change>
+          </dates>
+          <status>INTERIM</status>
+        </oval_repository>
+      </metadata>
+      <criteria operator="OR">
+        <criteria operator="AND" comment="DirectX 8.1 on Windows 2000 SP4">
+          <extend_definition comment="Microsoft Windows 2000 SP4 or later is installed" definition_ref="oval:org.mitre.oval:def:229"/>
+          <criterion comment="DirectX 8.1 Installed" test_ref="oval:org.mitre.oval:tst:6805"/>
+          <criterion comment="the version of Quartz.dll is less than 6.3.1.892" test_ref="oval:org.mitre.oval:tst:9839"/>
+        </criteria>
+        <criteria operator="AND" comment="DirectX 9.0 on Windows 2000 SP4">
+          <extend_definition comment="Microsoft Windows 2000 SP4 or later is installed" definition_ref="oval:org.mitre.oval:def:229"/>
+          <criterion comment="DirectX 9.0x Installed" test_ref="oval:org.mitre.oval:tst:601"/>
+          <criterion comment="the version of Quartz.dll is less than 6.5.1.910" test_ref="oval:org.mitre.oval:tst:9893"/>
+        </criteria>
+        <criteria operator="AND" comment="DirectX 9.0 on Win XP SP2 x86">
+          <extend_definition comment="Microsoft Windows XP (x86) SP2 is installed" definition_ref="oval:org.mitre.oval:def:754"/>
+          <criterion comment="DirectX 9.0x Installed" test_ref="oval:org.mitre.oval:tst:601"/>
+          <criterion comment="the version of Quartz.dll is less than 6.5.2600.3497" test_ref="oval:org.mitre.oval:tst:9952"/>
+        </criteria>
+        <criteria operator="AND" comment="DirectX 9.0 on Win XP SP3 x86">
+          <extend_definition comment="Microsoft Windows XP (x86) SP3 is installed" definition_ref="oval:org.mitre.oval:def:5631"/>
+          <criterion comment="DirectX 9.0x Installed" test_ref="oval:org.mitre.oval:tst:601"/>
+          <criterion comment="the version of Quartz.dll is less than 6.5.2600.5731" test_ref="oval:org.mitre.oval:tst:9805"/>
+        </criteria>
+        <criteria operator="AND" comment="DirectX 9.0 on Windows XP SP1, Server 2003 SP1">
+          <criteria operator="OR">
+            <extend_definition comment="Microsoft Windows Server 2003 SP1 (x64) is installed" definition_ref="oval:org.mitre.oval:def:4386"/>
+            <extend_definition comment="Microsoft Windows XP SP1 (64-bit) is installed" definition_ref="oval:org.mitre.oval:def:480"/>
+            <extend_definition comment="Microsoft Windows Server 2003 SP1 (x86) is installed" definition_ref="oval:org.mitre.oval:def:565"/>
+            <extend_definition comment="Microsoft Windows Server 2003 (ia64) SP1 is installed" definition_ref="oval:org.mitre.oval:def:1205"/>
+          </criteria>
+          <criterion comment="DirectX 9.0x Installed" test_ref="oval:org.mitre.oval:tst:601"/>
+          <criterion comment="the version of Quartz.dll is less than 6.5.3790.3266" test_ref="oval:org.mitre.oval:tst:9947"/>
+        </criteria>
+        <criteria operator="AND" comment="DirectX 9.0 on Windows XP SP2, Server 2003 SP2">
+          <criteria operator="OR">
+            <extend_definition comment="Microsoft Windows XP x64 Edition SP2 is installed" definition_ref="oval:org.mitre.oval:def:4193"/>
+            <extend_definition comment="Microsoft Windows Server 2003 SP2 (x64) is installed" definition_ref="oval:org.mitre.oval:def:2161"/>
+            <extend_definition comment="Microsoft Windows Server 2003 SP2 (x86) is installed" definition_ref="oval:org.mitre.oval:def:1935"/>
+            <extend_definition comment="Microsoft Windows Server 2003 (ia64) SP2 is installed" definition_ref="oval:org.mitre.oval:def:1442"/>
+          </criteria>
+          <criterion comment="DirectX 9.0x Installed" test_ref="oval:org.mitre.oval:tst:601"/>
+          <criterion comment="the version of Quartz.dll is less than 6.5.3790.3266" test_ref="oval:org.mitre.oval:tst:9002"/>
+        </criteria>
+      </criteria>
+    </definition>
+    <definition id="oval:org.mitre.oval:def:5551" version="0" class="vulnerability">
+      <metadata>
+        <title>Uninitialized Memory Corruption Vulnerability (CVE-2009-0552)</title>
+        <affected family="windows">
+          <platform>Microsoft Windows 2000</platform>
+          <platform>Microsoft Windows XP</platform>
+          <platform>Microsoft Windows Server 2003</platform>
+          <platform>Microsoft Windows Vista</platform>
+          <platform>Microsoft Windows Server 2008</platform>
+          <product>Internet Explorer</product>
+        </affected>
+        <reference source="CVE" ref_id="CVE-2009-0552" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0552"/>
+        <reference source="Microsoft" ref_id="MS09-014" ref_url="http://www.microsoft.com/technet/security/bulletin/MS09-014.mspx"/>
+        <description>Unspecified vulnerability in Microsoft Internet Explorer 5.01 SP4, 6 SP1, 6 on Windows XP SP2 and SP3, and 6 on Windows Server 2003 SP1 and SP2 allows remote attackers to execute arbitrary code via a web page that triggers presence of an object in memory that was (1) not properly initialized or (2) deleted, aka "Uninitialized Memory Corruption Vulnerability."</description>
+        <oval_repository>
+          <dates>
+            <submitted date="2009-04-14T16:00:00">
+              <contributor organization="Gideon Technologies, Inc.">Dragos Prisaca</contributor>
+            </submitted>
+            <status_change date="2009-04-17T16:45:32.661-04:00">DRAFT</status_change>
+            <status_change date="2009-05-04T04:00:11.281-04:00">INTERIM</status_change>
+          </dates>
+          <status>INTERIM</status>
+        </oval_repository>
+      </metadata>
+      <criteria operator="OR">
+        <criteria operator="AND">
+          <extend_definition comment="Microsoft Windows 2000 SP4 or later is installed" definition_ref="oval:org.mitre.oval:def:229"/>
+          <extend_definition comment="Microsoft Internet Explorer 5.01 SP4 is installed" definition_ref="oval:org.mitre.oval:def:325"/>
+          <criterion comment="Mshtml.dll version is less than 5.0.3874.1900" test_ref="oval:org.mitre.oval:tst:9783"/>
+        </criteria>
+        <criteria operator="AND">
+          <extend_definition comment="Microsoft Windows 2000 SP4 or later is installed" definition_ref="oval:org.mitre.oval:def:229"/>
+          <extend_definition comment="Microsoft Internet Explorer 6 is installed" definition_ref="oval:org.mitre.oval:def:563"/>
+          <criterion comment="Mshtml.dll version is less than 6.0.2800.1625" test_ref="oval:org.mitre.oval:tst:9684"/>
+        </criteria>
+        <criteria operator="AND">
+          <extend_definition comment="Microsoft Windows XP SP2 is installed" definition_ref="oval:org.mitre.oval:def:521"/>
+          <extend_definition comment="Microsoft Internet Explorer 6 is installed" definition_ref="oval:org.mitre.oval:def:563"/>
+          <criterion comment="Mshtml.dll version is less than 6.0.2900.3527" test_ref="oval:org.mitre.oval:tst:9744"/>
+        </criteria>
+        <criteria operator="AND">
+          <extend_definition comment="Microsoft Windows XP (x86) SP3 is installed" definition_ref="oval:org.mitre.oval:def:5631"/>
+          <extend_definition comment="Microsoft Internet Explorer 6 is installed" definition_ref="oval:org.mitre.oval:def:563"/>
+          <criterion comment="Mshtml.dll version is less than 6.0.2900.5764" test_ref="oval:org.mitre.oval:tst:9622"/>
+        </criteria>
+        <criteria operator="AND">
+          <extend_definition comment="Microsoft Windows Server 2003 SP1 (x86) is installed" definition_ref="oval:org.mitre.oval:def:565"/>
+          <extend_definition comment="Microsoft Internet Explorer 6 is installed" definition_ref="oval:org.mitre.oval:def:563"/>
+          <criterion comment="Mshtml.dll version is less than 6.0.3790.3304" test_ref="oval:org.mitre.oval:tst:9395"/>
+        </criteria>
+        <criteria operator="AND">
+          <extend_definition comment="Microsoft Windows Server 2003 SP2 (x86) is installed" definition_ref="oval:org.mitre.oval:def:1935"/>
+          <extend_definition comment="Microsoft Internet Explorer 6 is installed" definition_ref="oval:org.mitre.oval:def:563"/>
+          <criterion comment="Mshtml.dll version is less than 6.0.3790.4470" test_ref="oval:org.mitre.oval:tst:9788"/>
+        </criteria>
+        <criteria operator="AND">
+          <criteria operator="OR">
+            <extend_definition comment="Microsoft Windows XP Professional x64 Edition SP1 is installed" definition_ref="oval:org.mitre.oval:def:720"/>
+            <extend_definition comment="Microsoft Windows Server 2003 SP1 (x64) is installed" definition_ref="oval:org.mitre.oval:def:4386"/>
+          </criteria>
+          <extend_definition comment="Microsoft Internet Explorer 6 is installed" definition_ref="oval:org.mitre.oval:def:563"/>
+          <criterion comment="Mshtml.dll version is less than 6.0.3790.3304" test_ref="oval:org.mitre.oval:tst:9395"/>
+        </criteria>
+        <criteria operator="AND">
+          <criteria operator="OR">
+            <extend_definition comment="Microsoft Windows XP x64 Edition SP2 is installed" definition_ref="oval:org.mitre.oval:def:4193"/>
+            <extend_definition comment="Microsoft Windows Server 2003 SP2 (x64) is installed" definition_ref="oval:org.mitre.oval:def:2161"/>
+          </criteria>
+          <extend_definition comment="Microsoft Internet Explorer 6 is installed" definition_ref="oval:org.mitre.oval:def:563"/>
+          <criterion comment="Mshtml.dll version is less than 6.0.3790.4470" test_ref="oval:org.mitre.oval:tst:9788"/>
+        </criteria>
+        <criteria operator="AND">
+          <extend_definition comment="Microsoft Windows Server 2003 (ia64) SP1 is installed" definition_ref="oval:org.mitre.oval:def:1205"/>
+          <extend_definition comment="Microsoft Internet Explorer 6 is installed" definition_ref="oval:org.mitre.oval:def:563"/>
+          <criterion comment="Mshtml.dll version is less than 6.0.3790.3304" test_ref="oval:org.mitre.oval:tst:9395"/>
+        </criteria>
+        <criteria operator="AND">
+          <extend_definition comment="Microsoft Windows Server 2003 (ia64) SP2 is installed" definition_ref="oval:org.mitre.oval:def:1442"/>
+          <extend_definition comment="Microsoft Internet Explorer 6 is installed" definition_ref="oval:org.mitre.oval:def:563"/>
+          <criterion comment="Mshtml.dll version is less than 6.0.3790.4470" test_ref="oval:org.mitre.oval:tst:9788"/>
+        </criteria>
+      </criteria>
+    </definition>
+    <definition id="oval:org.mitre.oval:def:5336" version="1" class="vulnerability">
+      <metadata>
+        <title>Apple iTunes Information Disclosure Vulnerability</title>
+        <affected family="windows">
+          <platform>Microsoft Windows XP</platform>
+          <platform>Microsoft Windows Vista</platform>
+          <product>Apple iTunes</product>
+        </affected>
+        <reference source="CVE" ref_id="CVE-2009-0143" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0143"/>
+        <description>Apple iTunes before 8.1 does not properly inform the user about the origin of an authentication request, which makes it easier for remote podcast servers to trick a user into providing a username and password when subscribing to a crafted podcast.</description>
+        <oval_repository>
+          <dates>
+            <submitted date="2009-03-17T10:31:31">
+              <contributor organization="SecPod Technologies">Chandan S</contributor>
+            </submitted>
+            <status_change date="2009-03-23T10:43:56.417-04:00">DRAFT</status_change>
+            <status_change date="2009-04-13T04:00:20.933-04:00">INTERIM</status_change>
+            <status_change date="2009-05-04T04:00:10.093-04:00">ACCEPTED</status_change>
+          </dates>
+          <status>ACCEPTED</status>
+        </oval_repository>
+      </metadata>
+      <criteria operator="OR">
+        <criteria operator="AND">
+          <criteria operator="OR">
+            <extend_definition comment="Microsoft Windows XP (x86) SP2 is installed" definition_ref="oval:org.mitre.oval:def:754"/>
+            <extend_definition comment="Microsoft Windows XP (x86) SP3 is installed" definition_ref="oval:org.mitre.oval:def:5631"/>
+            <extend_definition comment="Microsoft Windows Vista (32-bit) is installed" definition_ref="oval:org.mitre.oval:def:1282"/>
+            <extend_definition comment="Microsoft Windows Vista (32-bit) Service Pack 1 is installed" definition_ref="oval:org.mitre.oval:def:4873"/>
+          </criteria>
+          <criterion comment="iTunes.exe version is less than 8.1.0.51" test_ref="oval:org.mitre.oval:tst:9153"/>
+        </criteria>
+      </criteria>
+    </definition>
+    <definition id="oval:org.mitre.oval:def:5320" version="0" class="vulnerability">
+      <metadata>
+        <title>Windows HTTP Services Credential Reflection Vulnerability (CVE-2009-0550)</title>
+        <affected family="windows">
+          <platform>Microsoft Windows 2000</platform>
+          <platform>Microsoft Windows XP</platform>
+          <platform>Microsoft Windows Server 2003</platform>
+          <platform>Microsoft Windows Vista</platform>
+          <platform>Microsoft Windows Server 2008</platform>
+        </affected>
+        <reference source="CVE" ref_id="CVE-2009-0550" ref_url="http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0550"/>
+        <reference source="Microsoft" ref_id="MS09-013" ref_url="http://www.microsoft.com/technet/security/bulletin/MS09-013.mspx"/>
+        <description>Windows HTTP Services (aka WinHTTP) in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008; and WinINet in Microsoft Internet Explorer 5.01 SP4, 6 SP1, 6 and 7 on Windows XP SP2 and SP3, 6 and 7 on Windows Server 2003 SP1 and SP2, 7 on Windows Vista Gold and SP1, and 7 on Windows Server 2008; allows remote web servers to capture and replay NTLM credentials, and execute arbitrary code, via vectors related to absence of a "credential-reflection protections" opt-in step, aka "Windows HTTP Services Credential Reflection Vulnerability" and "WinINet Credential Reflection Vulnerability."</description>
+        <oval_repository>
+          <dates>
+            <submitted date="2009-04-14T16:00:00">
+              <contributor organization="Gideon Technologies, Inc.">Kyle Key</contributor>
+            </submitted>
+            <status_change date="2009-04-17T16:45:33.785-04:00">DRAFT</status_change>
+            <status_change date="2009-05-04T04:00:08.766-04:00">INTERIM</status_change>
+          </dates>
+          <status>INTERIM</status>
+        </oval_repository>
+      </metadata>
+      <criteria operator="OR">
+        <criteria operator="AND" comment="winhttp.dll version 5.1.2600.3490 or later on Windows 2000 sp4">
+          <extend_definition comment="Microsoft Windows 2000 SP4 or later is installed" definition_ref="oval:org.mitre.oval:def:229"/>
+          <criterion comment="system32\winhttp.dll version less than 5.1.2600.3490" test_ref="oval:org.mitre.oval:tst:9822"/>
+        </criteria>
+        <criteria operator="AND" comment="winhttp.dll versin 5.1.2600.3494 or later on windows xp sp2 x86">
+          <extend_definition comment="Microsoft Windows XP (x86) SP2 is installed" definition_ref="oval:org.mitre.oval:def:754"/>
+          <criterion comment="system32\winhttp.dll version less than 5.1.2600.3494" test_ref="oval:org.mitre.oval:tst:9877"/>
+        </criteria>
+        <criteria operator="AND" comment="winhttp.dll versin 5.1.2600.5727 or later on windows xp sp3 x86">
+          <extend_definition comment="Microsoft Windows XP (x86) SP3 is installed" definition_ref="oval:org.mitre.oval:def:5631"/>
+          <criterion comment="system32\winhttp.dll version less than 5.1.2600.5727" test_ref="oval:org.mitre.oval:tst:9540"/>
+        </criteria>
+        <criteria operator="AND" comment="winhttp.dll versin 5.2.3790.3262 or later on windows xp sp1 x64">
+          <extend_definition comment="Microsoft Windows XP SP1 (64-bit) is installed" definition_ref="oval:org.mitre.oval:def:480"/>
+          <criterion comment="system32\winhttp.dll version less than 5.2.3790.3262" test_ref="oval:org.mitre.oval:tst:9795"/>
+        </criteria>
+        <criteria operator="AND" comment="winhttp.dll versin 5.2.3790.4427 or later on windows xp sp2 x64">
+          <extend_definition comment="Microsoft Windows XP x64 Edition SP2 is installed" definition_ref="oval:org.mitre.oval:def:4193"/>
+          <criterion comment="system32\winhttp.dll version less than 5.2.3790.4427" test_ref="oval:org.mitre.oval:tst:9649"/>
+        </criteria>
+        <criteria operator="AND" comment="winhttp.dll versin 5.2.3790.3262 or later on windows server 2003 sp1 (x86)(x64)(ia64)">
+          <criteria operator="OR">
+            <extend_definition comment="Microsoft Windows Server 2003 SP1 (x86) is installed" definition_ref="oval:org.mitre.oval:def:565"/>
+            <extend_definition comment="Microsoft Windows Server 2003 SP1 (x64) is installed" definition_ref="oval:org.mitre.oval:def:4386"/>
+            <extend_definition comment="Microsoft Windows Server 2003 (ia64) SP1 is installed" definition_ref="oval:org.mitre.oval:def:1205"/>
+          </criteria>
+          <criterion comment="Winsxs\winhttp.dll version less than 5.2.3790.3262" test_ref="oval:org.mitre.oval:tst:9580"/>
+        </criteria>
+        <criteria operator="AND" comment="winhttp.dll versin 5.2.3790.4427 or later on windows server 2003 sp2 (x86)(x64)(ia64)">
+          <criteria operator="OR">
+            <extend_definition comment="Microsoft Windows Server 2003 SP2 (x86) is installed" definition_ref="oval:org.mitre.oval:def:1935"/>
+            <extend_definition comment="Microsoft Windows Server 2003 SP2 (x64) is installed" definition_ref="oval:org.mitre.oval:def:2161"/>
+            <extend_definition comment="Microsoft Windows Server 2003 (ia64) SP2 is installed" definition_ref="oval:org.mitre.oval:def:1442"/>
+          </criteria>
+          <criterion comment="Winsxs\winhttp.dll version less than 5.2.3790.4427" test_ref="oval:org.mitre.oval:tst:9985"/>
+        </criteria>
+        <criteria operator="AND" comment="winhttp.dll versin 6.0.6000.16786 or later on windows vista GDR (x86)(x64)">
+          <criteria operator="OR">
+            <extend_definition comment="Microsoft Windows Vista (32-bit) is installed" definition_ref="oval:org.mitre.oval:def:1282"/>
+            <extend_definition comment="Microsoft Windows Vista x64 Edition is installed" definition_ref="oval:org.mitre.oval:def:2041"/>
+          </criteria>
+          <criterion comment="system32\winhttp.dll version greater than or equal 6.0.6000.16000" test_ref="oval:org.mitre.oval:tst:9951"/>
+          <criterion comment="system32\winhttp.dll version less than 6.0.6000.16786" test_ref="oval:org.mitre.oval:tst:9981"/>
+        </criteria>
+        <criteria operator="AND" comment="winhttp.dll versin 6.0.6000.20971 or later on windows vista LDR (x86)(x64)">
+          <criteria operator="OR">
+            <extend_definition comment="Microsoft Windows Vista (32-bit) is installed" definition_ref="oval:org.mitre.oval:def:1282"/>
+            <extend_definition comment="Microsoft Windows Vista x64 Edition is installed" definition_ref="oval:org.mitre.oval:def:2041"/>
+          </criteria>
+          <criterion comment="system32\winhttp.dll version greater than or equal 6.0.6000.20000" test_ref="oval:org.mitre.oval:tst:9442"/>
+          <criterion comment="system32\winhttp.dll version less than 6.0.6000.20971" test_ref="oval:org.mitre.oval:tst:9594"/>
+        </criteria>
+        <criteria operator="AND" comment="winhttp.dll versin 6.0.6001.18178 or later on windows server 2008 sp1 GDR (x86)(x64)(ia64) and windows vista sp1 GDR (x86)(x64)">
+          <criteria operator="OR">
+            <extend_definition comment="Microsoft Windows Vista (32-bit) Service Pack 1 is installed" definition_ref="oval:org.mitre.oval:def:4873"/>
+            <extend_definition comment="Microsoft Windows Vista x64 Edition Service Pack 1 is installed" definition_ref="oval:org.mitre.oval:def:5254"/>
+            <extend_definition comment="Microsoft Windows Server 2008 (32-bit) is installed" definition_ref="oval:org.mitre.oval:def:4870"/>
+            <extend_definition comment="Microsoft Windows Server 2008 x64 Edition is installed" definition_ref="oval:org.mitre.oval:def:5356"/>
+            <extend_definition comment="Microsoft Windows Server 2008 Itanium-Based Edition is installed" definition_ref="oval:org.mitre.oval:def:5667"/>
+          </criteria>
+          <criterion comment="system32\winhttp.dll version greater than or equal 6.0.6001.18000" test_ref="oval:org.mitre.oval:tst:9762"/>
+          <criterion comment="system32\winhttp.dll version less than 6.0.6001.18178" test_ref="oval:org.mitre.oval:tst:9801"/>
+        </criteria>
+        <criteria operator="AND" comment="winhttp.dll versin 6.0.6001.22323 or later on windows server 2008 sp1 LDR (x86)(x64)(ia64) and windows vista sp1 GDR (x86)(x64)">
+          <criteria operator="OR">
+            <extend_definition comment="Microsoft Windows Vista (32-bit) Service Pack 1 is installed" definition_ref="oval:org.mitre.oval:def:4873"/>
+            <extend_definition comment="Microsoft Windows Vista x64 Edition Service Pack 1 is installed" definition_ref="oval:org.mitre.oval:def:5254"/>
+            <extend_definition comment="Microsoft Windows Server 2008 (32-bit) is installed" definition_ref="oval:org.mitre.oval:def:4870"/>
+            <extend_definition comment="Microsoft Windows Server 2008 x64 Edition is installed" definition_ref="oval:org.mitre.oval:def:5356"/>
+            <extend_definition comment="Microsoft Windows Server 2008 Itanium-Based Edition is installed" definition_ref="oval:org.mitre.oval:def:5667"/>
+          </criteria>
+          <criterion comment="system32\winhttp.dll version greater than or equal 6.0.6001.22000" test_ref="oval:org.mitre.oval:tst:9825"/>
+          <criterion comment="system32\winhttp.dll version less than 6.0.6001.22323" test_ref="oval:org.mitre.oval:tst:9119"/>
+        </criteria>
+      </criteria>
+    </definition>
+    <definition id="oval:org.mitre.oval:def:6230" version="0" class="vulnerability">
+      <metadata>
+        <title>Opera Unspecified Vulnerability</title>
+        <affected family="windows">
+          <platform>Microsoft Windows XP</platform>
+          <platform>Microsoft Windows Vista</platform>
+          <product>Opera Browser</product>
+        </affected>
+        <reference source="CVE" ref_id="CVE-2009-0914" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0914"/>
+        <description>Opera before 9.64 allows remote attackers to execute arbitrary code via a crafted JPEG image that triggers memory corruption.</description>
+        <oval_repository>
+          <dates>
+            <submitted date="2009-04-02T10:31:31">
+              <contributor organization="SecPod Technologies">Chandan S</contributor>
+            </submitted>
+            <status_change date="2009-04-08T14:19:58.387-04:00">DRAFT</status_change>
+            <status_change date="2009-04-27T04:00:18.981-04:00">INTERIM</status_change>
+          </dates>
+          <status>INTERIM</status>
+        </oval_repository>
+      </metadata>
+      <criteria operator="OR">
+        <criteria operator="AND">
+          <criteria operator="OR">
+            <extend_definition comment="Microsoft Windows XP (x86) SP2 is installed" definition_ref="oval:org.mitre.oval:def:754"/>
+            <extend_definition comment="Microsoft Windows XP (x86) SP3 is installed" definition_ref="oval:org.mitre.oval:def:5631"/>
+            <extend_definition comment="Microsoft Windows Vista (32-bit) is installed" definition_ref="oval:org.mitre.oval:def:1282"/>
+            <extend_definition comment="Microsoft Windows Vista (32-bit) Service Pack 1 is installed" definition_ref="oval:org.mitre.oval:def:4873"/>
+          </criteria>
+          <criterion comment="Opera version is less than 9.64 (9.64.10487.0)" test_ref="oval:org.mitre.oval:tst:9724"/>
+        </criteria>
+      </criteria>
+    </definition>
+    <definition id="oval:org.mitre.oval:def:6223" version="0" class="vulnerability">
+      <metadata>
+        <title>Wireshark Denial of Service Vulnerability</title>
+        <affected family="windows">
+          <platform>Microsoft Windows XP</platform>
+          <platform>Microsoft Windows Vista</platform>
+          <product>Wireshark</product>
+        </affected>
+        <reference source="CVE" ref_id="CVE-2008-6472" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-6472"/>
+        <description>The WLCCP dissector in Wireshark 0.99.7 through 1.0.4 allows remote attackers to cause a denial of service (infinite loop) via unspecified vectors.</description>
+        <oval_repository>
+          <dates>
+            <submitted date="2009-04-02T10:31:31">
+              <contributor organization="SecPod Technologies">Chandan S</contributor>
+            </submitted>
+            <status_change date="2009-04-08T14:19:58.985-04:00">DRAFT</status_change>
+            <status_change date="2009-04-27T04:00:18.123-04:00">INTERIM</status_change>
+          </dates>
+          <status>INTERIM</status>
+        </oval_repository>
+      </metadata>
+      <criteria operator="OR">
+        <criteria operator="AND">
+          <criteria operator="OR">
+            <extend_definition comment="Microsoft Windows XP (x86) SP2 is installed" definition_ref="oval:org.mitre.oval:def:754"/>
+            <extend_definition comment="Microsoft Windows XP (x86) SP3 is installed" definition_ref="oval:org.mitre.oval:def:5631"/>
+            <extend_definition comment="Microsoft Windows Vista (32-bit) is installed" definition_ref="oval:org.mitre.oval:def:1282"/>
+            <extend_definition comment="Microsoft Windows Vista (32-bit) Service Pack 1 is installed" definition_ref="oval:org.mitre.oval:def:4873"/>
+          </criteria>
+          <criterion comment="Wireshark version is less than or equal to 1.0.4" test_ref="oval:org.mitre.oval:tst:9676"/>
+        </criteria>
+      </criteria>
+    </definition>
+    <definition id="oval:org.mitre.oval:def:6220" version="0" class="vulnerability">
+      <metadata>
+        <title>Opera cross-domain scripting attacks Vulnerability</title>
+        <affected family="windows">
+          <platform>Microsoft Windows XP</platform>
+          <platform>Microsoft Windows Vista</platform>
+          <product>Opera Browser</product>
+        </affected>
+        <reference source="CVE" ref_id="CVE-2009-0915" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0915"/>
+        <description>Opera before 9.64 allows remote attackers to conduct cross-domain scripting attacks via unspecified vectors related to plug-ins.</description>
+        <oval_repository>
+          <dates>
+            <submitted date="2009-04-02T10:31:31">
+              <contributor organization="SecPod Technologies">Chandan S</contributor>
+            </submitted>
+            <status_change date="2009-04-08T14:19:59.544-04:00">DRAFT</status_change>
+            <status_change date="2009-04-27T04:00:17.381-04:00">INTERIM</status_change>
+          </dates>
+          <status>INTERIM</status>
+        </oval_repository>
+      </metadata>
+      <criteria operator="OR">
+        <criteria operator="AND">
+          <criteria operator="OR">
+            <extend_definition comment="Microsoft Windows XP (x86) SP2 is installed" definition_ref="oval:org.mitre.oval:def:754"/>
+            <extend_definition comment="Microsoft Windows XP (x86) SP3 is installed" definition_ref="oval:org.mitre.oval:def:5631"/>
+            <extend_definition comment="Microsoft Windows Vista (32-bit) is installed" definition_ref="oval:org.mitre.oval:def:1282"/>
+            <extend_definition comment="Microsoft Windows Vista (32-bit) Service Pack 1 is installed" definition_ref="oval:org.mitre.oval:def:4873"/>
+          </criteria>
+          <criterion comment="Opera version is less than 9.64 (9.64.10487.0)" test_ref="oval:org.mitre.oval:tst:9724"/>
+        </criteria>
+      </criteria>
+    </definition>
+    <definition id="oval:org.mitre.oval:def:6204" version="0" class="vulnerability">
+      <metadata>
+        <title>MS PowerPoint File Parsing Remote Code Execution Vulnerability</title>
+        <affected family="windows">
+          <platform>Microsoft Windows 2000</platform>
+          <platform>Microsoft Windows XP</platform>
+          <platform>Microsoft Windows Server 2003</platform>
+          <product>Microsoft PowerPoint 2000</product>
+          <product>Microsoft PowerPoint 2002</product>
+          <product>Microsoft PowerPoint 2003</product>
+        </affected>
+        <reference source="CVE" ref_id="CVE-2009-0556" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0556"/>
+        <description>Unspecified vulnerability in Microsoft Office PowerPoint 2000 SP3, 2002 SP3, and 2003 SP3, and PowerPoint in Microsoft Office 2004 for Mac, allows remote attackers to execute arbitrary code via a crafted PowerPoint file that triggers access to an "invalid object in memory," as exploited in the wild in April 2009 by Exploit:Win32/Apptom.gen.</description>
+        <oval_repository>
+          <dates>
+            <submitted date="2009-04-08T11:21:42">
+              <contributor organization="SecPod Technologies">Chandan S</contributor>
+            </submitted>
+            <status_change date="2009-04-08T14:20:02.428-04:00">DRAFT</status_change>
+            <status_change date="2009-04-27T04:00:16.865-04:00">INTERIM</status_change>
+          </dates>
+          <status>INTERIM</status>
+        </oval_repository>
+      </metadata>
+      <criteria operator="OR">
+        <criteria operator="AND" comment="PowerPoint 2000">
+          <extend_definition comment="Microsoft PowerPoint 2000 is installed" definition_ref="oval:org.mitre.oval:def:696"/>
+          <criterion comment="the version of powerpnt.exe is less than or equal to 9.0.0.8969" test_ref="oval:org.mitre.oval:tst:9691"/>
+        </criteria>
+        <criteria operator="AND" comment="PowerPoint 2002">
+          <extend_definition comment="Microsoft PowerPoint 2002 is installed" definition_ref="oval:org.mitre.oval:def:305"/>
+          <criterion comment="the version of powerpnt.exe is less than or equal to 10.0.6842.0" test_ref="oval:org.mitre.oval:tst:9721"/>
+        </criteria>
+        <criteria operator="AND" comment="PowerPoint 2003">
+          <extend_definition comment="Microsoft PowerPoint 2003 is installed" definition_ref="oval:org.mitre.oval:def:666"/>
+          <criterion comment="the version of powerpnt.exe is less than or equal to 11.0.8227.0" test_ref="oval:org.mitre.oval:tst:9748"/>
+        </criteria>
+      </criteria>
+    </definition>
+    <definition id="oval:org.mitre.oval:def:5955" version="0" class="vulnerability">
+      <metadata>
+        <title>Opera Execution of arbitrary code Vulnerability</title>
+        <affected family="windows">
+          <platform>Microsoft Windows XP</platform>
+          <platform>Microsoft Windows Vista</platform>
+          <product>Opera Browser</product>
+        </affected>
+        <reference source="CVE" ref_id="CVE-2009-0914" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0914"/>
+        <description>Opera before 9.64 allows remote attackers to execute arbitrary code via a crafted JPEG image that triggers memory corruption.</description>
+        <oval_repository>
+          <dates>
+            <submitted date="2009-04-02T10:31:31">
+              <contributor organization="SecPod Technologies">Chandan S</contributor>
+            </submitted>
+            <status_change date="2009-04-08T14:20:10.986-04:00">DRAFT</status_change>
+            <status_change date="2009-04-27T04:00:14.468-04:00">INTERIM</status_change>
+          </dates>
+          <status>INTERIM</status>
+        </oval_repository>
+      </metadata>
+      <criteria operator="OR">
+        <criteria operator="AND">
+          <criteria operator="OR">
+            <extend_definition comment="Microsoft Windows XP (x86) SP2 is installed" definition_ref="oval:org.mitre.oval:def:754"/>
+            <extend_definition comment="Microsoft Windows XP (x86) SP3 is installed" definition_ref="oval:org.mitre.oval:def:5631"/>
+            <extend_definition comment="Microsoft Windows Vista (32-bit) is installed" definition_ref="oval:org.mitre.oval:def:1282"/>
+            <extend_definition comment="Microsoft Windows Vista (32-bit) Service Pack 1 is installed" definition_ref="oval:org.mitre.oval:def:4873"/>
+          </criteria>
+          <criterion comment="Opera version is less than 9.64 (9.64.10487.0)" test_ref="oval:org.mitre.oval:tst:9724"/>
+        </criteria>
+      </criteria>
+    </definition>
+    <definition id="oval:org.mitre.oval:def:5559" version="0" class="vulnerability">
+      <metadata>
+        <title>Apple Safari Denial of Service Vulnerability</title>
+        <affected family="windows">
+          <platform>Microsoft Windows XP</platform>
+          <platform>Microsoft Windows Vista</platform>
+          <product>Apple Safari</product>
+        </affected>
+        <reference source="CVE" ref_id="CVE-2009-1233" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1233"/>
+        <description>Apple Safari 3.2.2 and 4 Beta on Windows allows remote attackers to cause a denial of service (application crash) via an XML document containing many nested A elements.</description>
+        <oval_repository>
+          <dates>
+            <submitted date="2009-04-07T09:10:59">
+              <contributor organization="SecPod Technologies">Chandan S</contributor>
+            </submitted>
+            <status_change date="2009-04-08T14:20:32.015-04:00">DRAFT</status_change>
+            <status_change date="2009-04-27T04:00:08.999-04:00">INTERIM</status_change>
+          </dates>
+          <status>INTERIM</status>
+        </oval_repository>
+      </metadata>
+      <criteria operator="OR">
+        <criteria operator="AND">
+          <criteria operator="OR">
+            <extend_definition comment="Microsoft Windows XP (x86) SP2 is installed" definition_ref="oval:org.mitre.oval:def:754"/>
+            <extend_definition comment="Microsoft Windows XP (x86) SP3 is installed" definition_ref="oval:org.mitre.oval:def:5631"/>
+            <extend_definition comment="Microsoft Windows Vista (32-bit) is installed" definition_ref="oval:org.mitre.oval:def:1282"/>
+            <extend_definition comment="Microsoft Windows Vista (32-bit) Service Pack 1 is installed" definition_ref="oval:org.mitre.oval:def:4873"/>
+          </criteria>
+          <criterion comment="Safari.exe version is less than or equal to 4.528.16.0" test_ref="oval:org.mitre.oval:tst:9531"/>
+        </criteria>
+      </criteria>
+    </definition>
+    <definition id="oval:org.mitre.oval:def:5432" version="0" class="vulnerability">
+      <metadata>
+        <title>Opera Web Browser Denial Of Service Vulnerability</title>
+        <affected family="windows">
+          <platform>Microsoft Windows XP</platform>
+          <platform>Microsoft Windows Vista</platform>
+          <product>Opera Browser</product>
+        </affected>
+        <reference source="CVE" ref_id="CVE-2009-1234" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1234"/>
+        <description>Opera 9.64 allows remote attackers to cause a denial of service (application crash) via an XML document containing a long series of start-tags with no corresponding end-tags.</description>
+        <oval_repository>
+          <dates>
+            <submitted date="2009-04-07T08:55:31.430-04:00">
+              <contributor organization="SecPod Technologies">Chandan S</contributor>
+            </submitted>
+            <status_change date="2009-04-08T14:20:33.645-04:00">DRAFT</status_change>
+            <status_change date="2009-04-27T04:00:07.630-04:00">INTERIM</status_change>
+          </dates>
+          <status>INTERIM</status>
+        </oval_repository>
+      </metadata>
+      <criteria operator="OR">
+        <criteria operator="AND">
+          <criteria operator="OR">
+            <extend_definition comment="Microsoft Windows XP (x86) SP2 is installed" definition_ref="oval:org.mitre.oval:def:754"/>
+            <extend_definition comment="Microsoft Windows XP (x86) SP3 is installed" definition_ref="oval:org.mitre.oval:def:5631"/>
+            <extend_definition comment="Microsoft Windows Vista (32-bit) is installed" definition_ref="oval:org.mitre.oval:def:1282"/>
+            <extend_definition comment="Microsoft Windows Vista (32-bit) Service Pack 1 is installed" definition_ref="oval:org.mitre.oval:def:4873"/>
+          </criteria>
+          <criterion comment="Opera version is less than or equla to 9.64 (9.64.10487.0)" test_ref="oval:org.mitre.oval:tst:9794"/>
+        </criteria>
+      </criteria>
+    </definition>
+    <definition id="oval:org.mitre.oval:def:5250" version="0" class="vulnerability">
+      <metadata>
+        <title>Mozilla Seamonkey memory corruption Vulnerability</title>
+        <affected family="windows">
+          <platform>Microsoft Windows XP</platform>
+          <platform>Microsoft Windows 2003</platform>
+          <platform>Microsoft Windows Vista</platform>
+          <product>Mozilla Seamonkey</product>
+        </affected>
+        <reference source="CVE" ref_id="CVE-2009-0771" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0771"/>
+        <description>The layout engine in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey 1.1.15 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via certain vectors that trigger memory corruption and assertion failures.</description>
+        <oval_repository>
+          <dates>
+            <submitted date="2009-04-17T15:11:12">
+              <contributor organization="SecPod Technologies">Chandan S</contributor>
+            </submitted>
+            <status_change date="2009-04-21T14:30:45.135-04:00">DRAFT</status_change>
+          </dates>
+          <status>DRAFT</status>
+        </oval_repository>
+      </metadata>
+      <criteria operator="OR">
+        <criteria operator="AND">
+          <criteria operator="OR">
+            <extend_definition comment="Microsoft Windows XP (x86) SP2 is installed" definition_ref="oval:org.mitre.oval:def:754"/>
+            <extend_definition comment="Microsoft Windows XP (x86) SP3 is installed" definition_ref="oval:org.mitre.oval:def:5631"/>
+            <extend_definition comment="Microsoft Windows Vista (32-bit) is installed" definition_ref="oval:org.mitre.oval:def:1282"/>
+            <extend_definition comment="Microsoft Windows Vista (32-bit) Service Pack 1 is installed" definition_ref="oval:org.mitre.oval:def:4873"/>
+            <extend_definition comment="Microsoft Windows Server 2003 SP1 (x86) is installed" definition_ref="oval:org.mitre.oval:def:565"/>
+            <extend_definition comment="Microsoft Windows Server 2003 SP2 (x86) is installed" definition_ref="oval:org.mitre.oval:def:1935"/>
+          </criteria>
+          <criterion comment="Seamonkey version is less than or equal to 1.1.15" test_ref="oval:org.mitre.oval:tst:9759"/>
+        </criteria>
+      </criteria>
+    </definition>
+    <definition id="oval:org.mitre.oval:def:5335" version="0" class="vulnerability">
+      <metadata>
+        <title>Wireshark CPHAP dissector Denial of Service Vulnerability</title>
+        <affected family="windows">
+          <platform>Microsoft Windows XP</platform>
+          <platform>Microsoft Windows Vista</platform>
+          <product>Wireshark</product>
+        </affected>
+        <reference source="CVE" ref_id="CVE-2009-1268" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1268"/>
+        <description>The Check Point High-Availability Protocol (CPHAP) dissector in Wireshark 0.9.6 through 1.0.6 allows remote attackers to cause a denial of service (crash) via a crafted FWHA_MY_STATE packet.</description>
+        <oval_repository>
+          <dates>
+            <submitted date="2009-04-16T16:30:43">
+              <contributor organization="SecPod Technologies">Chandan S</contributor>
+            </submitted>
+            <status_change date="2009-04-21T14:30:44.822-04:00">DRAFT</status_change>
+          </dates>
+          <status>DRAFT</status>
+        </oval_repository>
+      </metadata>
+      <criteria operator="OR">
+        <criteria operator="AND">
+          <criteria operator="OR">
+            <extend_definition comment="Microsoft Windows XP (x86) SP2 is installed" definition_ref="oval:org.mitre.oval:def:754"/>
+            <extend_definition comment="Microsoft Windows XP (x86) SP3 is installed" definition_ref="oval:org.mitre.oval:def:5631"/>
+            <extend_definition comment="Microsoft Windows Vista (32-bit) is installed" definition_ref="oval:org.mitre.oval:def:1282"/>
+            <extend_definition comment="Microsoft Windows Vista (32-bit) Service Pack 1 is installed" definition_ref="oval:org.mitre.oval:def:4873"/>
+          </criteria>
+          <criterion comment="Wireshark version is less than or equal to 1.0.6" test_ref="oval:org.mitre.oval:tst:9785"/>
+        </criteria>
+      </criteria>
+    </definition>
+    <definition id="oval:org.mitre.oval:def:5703" version="0" class="vulnerability">
+      <metadata>
+        <title>Mozilla Thunderbird Denial of Service Vulnerability</title>
+        <affected family="windows">
+          <platform>Microsoft Windows XP</platform>
+          <platform>Microsoft Windows 2003</platform>
+          <platform>Microsoft Windows Vista</platform>
+          <product>Mozilla Thunderbird</product>
+        </affected>
+        <reference source="CVE" ref_id="CVE-2009-0772" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0772"/>
+        <description>The layout engine in Mozilla Firefox 2 and 3 before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey 1.1.15 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to nsCSSStyleSheet::GetOwnerNode, events, and garbage collection, which triggers memory corruption.</description>
+        <oval_repository>
+          <dates>
+            <submitted date="2009-04-16T09:45:11">
+              <contributor organization="SecPod Technologies">Chandan S</contributor>
+            </submitted>
+            <status_change date="2009-04-21T14:30:44.527-04:00">DRAFT</status_change>
+          </dates>
+          <status>DRAFT</status>
+        </oval_repository>
+      </metadata>
+      <criteria operator="OR">
+        <criteria operator="AND">
+          <criteria operator="OR">
+            <extend_definition comment="Microsoft Windows XP (x86) SP2 is installed" definition_ref="oval:org.mitre.oval:def:754"/>
+            <extend_definition comment="Microsoft Windows XP (x86) SP3 is installed" definition_ref="oval:org.mitre.oval:def:5631"/>
+            <extend_definition comment="Microsoft Windows Vista (32-bit) is installed" definition_ref="oval:org.mitre.oval:def:1282"/>
+            <extend_definition comment="Microsoft Windows Vista (32-bit) Service Pack 1 is installed" definition_ref="oval:org.mitre.oval:def:4873"/>
+            <extend_definition comment="Microsoft Windows Server 2003 SP1 (x86) is installed" definition_ref="oval:org.mitre.oval:def:565"/>
+            <extend_definition comment="Microsoft Windows Server 2003 SP2 (x86) is installed" definition_ref="oval:org.mitre.oval:def:1935"/>
+          </criteria>
+          <criterion comment="Thunderbird version is less than or equal to 2.0.0.20" test_ref="oval:org.mitre.oval:tst:9988"/>
+        </criteria>
+      </criteria>
+    </definition>
+    <definition id="oval:org.mitre.oval:def:5748" version="0" class="vulnerability">
+      <metadata>
+        <title>Wireshark Tektronix .rf5 Denial of Service Vulnerability</title>
+        <affected family="windows">
+          <platform>Microsoft Windows XP</platform>
+          <platform>Microsoft Windows Vista</platform>
+          <product>Wireshark</product>
+        </affected>
+        <reference source="CVE" ref_id="CVE-2009-1269" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1269"/>
+        <description>Unspecified vulnerability in Wireshark 0.99.6 through 1.0.6 allows remote attackers to cause a denial of service (crash) via a crafted Tektronix .rf5 file.</description>
+        <oval_repository>
+          <dates>
+            <submitted date="2009-04-16T16:30:43">
+              <contributor organization="SecPod Technologies">Chandan S</contributor>
+            </submitted>
+            <status_change date="2009-04-21T14:30:44.236-04:00">DRAFT</status_change>
+          </dates>
+          <status>DRAFT</status>
+        </oval_repository>
+      </metadata>
+      <criteria operator="OR">
+        <criteria operator="AND">
+          <criteria operator="OR">
+            <extend_definition comment="Microsoft Windows XP (x86) SP2 is installed" definition_ref="oval:org.mitre.oval:def:754"/>
+            <extend_definition comment="Microsoft Windows XP (x86) SP3 is installed" definition_ref="oval:org.mitre.oval:def:5631"/>
+            <extend_definition comment="Microsoft Windows Vista (32-bit) is installed" definition_ref="oval:org.mitre.oval:def:1282"/>
+            <extend_definition comment="Microsoft Windows Vista (32-bit) Service Pack 1 is installed" definition_ref="oval:org.mitre.oval:def:4873"/>
+          </criteria>
+          <criterion comment="Wireshark version is less than or equal to 1.0.6" test_ref="oval:org.mitre.oval:tst:9785"/>
+        </criteria>
+      </criteria>
+    </definition>
+    <definition id="oval:org.mitre.oval:def:5806" version="0" class="vulnerability">
+      <metadata>
+        <title>Mozilla Seamonkey remote code execution Vulnerability</title>
+        <affected family="windows">
+          <platform>Microsoft Windows XP</platform>
+          <platform>Microsoft Windows 2003</platform>
+          <platform>Microsoft Windows Vista</platform>
+          <product>Mozilla Seamonkey</product>
+        </affected>
+        <reference source="CVE" ref_id="CVE-2009-0775" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0775"/>
+        <description>Double free vulnerability in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 allows remote attackers to execute arbitrary code via "cloned XUL DOM elements which were linked as a parent and child," which are not properly handled during garbage collection.</description>
+        <oval_repository>
+          <dates>
+            <submitted date="2009-04-17T15:11:12">
+              <contributor organization="SecPod Technologies">Chandan S</contributor>
+            </submitted>
+            <status_change date="2009-04-21T14:30:43.991-04:00">DRAFT</status_change>
+          </dates>
+          <status>DRAFT</status>
+        </oval_repository>
+      </metadata>
+      <criteria operator="OR">
+        <criteria operator="AND">
+          <criteria operator="OR">
+            <extend_definition comment="Microsoft Windows XP (x86) SP2 is installed" definition_ref="oval:org.mitre.oval:def:754"/>
+            <extend_definition comment="Microsoft Windows XP (x86) SP3 is installed" definition_ref="oval:org.mitre.oval:def:5631"/>
+            <extend_definition comment="Microsoft Windows Vista (32-bit) is installed" definition_ref="oval:org.mitre.oval:def:1282"/>
+            <extend_definition comment="Microsoft Windows Vista (32-bit) Service Pack 1 is installed" definition_ref="oval:org.mitre.oval:def:4873"/>
+            <extend_definition comment="Microsoft Windows Server 2003 SP1 (x86) is installed" definition_ref="oval:org.mitre.oval:def:565"/>
+            <extend_definition comment="Microsoft Windows Server 2003 SP2 (x86) is installed" definition_ref="oval:org.mitre.oval:def:1935"/>
+          </criteria>
+          <criterion comment="Seamonkey version is less than or equal to 1.1.15" test_ref="oval:org.mitre.oval:tst:9759"/>
+        </criteria>
+      </criteria>
+    </definition>
+    <definition id="oval:org.mitre.oval:def:5816" version="0" class="vulnerability">
+      <metadata>
+        <title>Mozilla Thunderbird remote code execution Vulnerability</title>
+        <affected family="windows">
+          <platform>Microsoft Windows XP</platform>
+          <platform>Microsoft Windows 2003</platform>
+          <platform>Microsoft Windows Vista</platform>
+          <product>Mozilla Thunderbird</product>
+        </affected>
+        <reference source="CVE" ref_id="CVE-2009-0775" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0775"/>
+        <description>Double free vulnerability in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 allows remote attackers to execute arbitrary code via "cloned XUL DOM elements which were linked as a parent and child," which are not properly handled during garbage collection.</description>
+        <oval_repository>
+          <dates>
+            <submitted date="2009-04-16T09:45:11">
+              <contributor organization="SecPod Technologies">Chandan S</contributor>
+            </submitted>
+            <status_change date="2009-04-21T14:30:43.742-04:00">DRAFT</status_change>
+          </dates>
+          <status>DRAFT</status>
+        </oval_repository>
+      </metadata>
+      <criteria operator="OR">
+        <criteria operator="AND">
+          <criteria operator="OR">
+            <extend_definition comment="Microsoft Windows XP (x86) SP2 is installed" definition_ref="oval:org.mitre.oval:def:754"/>
+            <extend_definition comment="Microsoft Windows XP (x86) SP3 is installed" definition_ref="oval:org.mitre.oval:def:5631"/>
+            <extend_definition comment="Microsoft Windows Vista (32-bit) is installed" definition_ref="oval:org.mitre.oval:def:1282"/>
+            <extend_definition comment="Microsoft Windows Vista (32-bit) Service Pack 1 is installed" definition_ref="oval:org.mitre.oval:def:4873"/>
+            <extend_definition comment="Microsoft Windows Server 2003 SP1 (x86) is installed" definition_ref="oval:org.mitre.oval:def:565"/>
+            <extend_definition comment="Microsoft Windows Server 2003 SP2 (x86) is installed" definition_ref="oval:org.mitre.oval:def:1935"/>
+          </criteria>
+          <criterion comment="Thunderbird version is less than or equal to 2.0.0.20" test_ref="oval:org.mitre.oval:tst:9988"/>
+        </criteria>
+      </criteria>
+    </definition>
+    <definition id="oval:org.mitre.oval:def:5856" version="0" class="vulnerability">
+      <metadata>
+        <title>Mozilla Seamonkey Denial of Service and arbitrary code execution Vulnerabilities</title>
+        <affected family="windows">
+          <platform>Microsoft Windows XP</platform>
+          <platform>Microsoft Windows 2003</platform>
+          <platform>Microsoft Windows Vista</platform>
+          <product>Mozilla Seamonkey</product>
+        </affected>
+        <reference source="CVE" ref_id="CVE-2009-0773" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0773"/>
+        <description>The JavaScript engine in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey 1.1.15 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) a splice of an array that contains "some non-set elements," which causes jsarray.cpp to pass an incorrect argument to the ResizeSlots function, which triggers memory corruption; (2) vectors related to js_DecompileValueGenerator, jsopcode.cpp, __defineSetter__, and watch, which triggers an assertion failure or a segmentation fault; and (3) vectors related to gczeal, __defineSetter__, and watch, which triggers a hang.</description>
+        <oval_repository>
+          <dates>
+            <submitted date="2009-04-17T15:11:12">
+              <contributor organization="SecPod Technologies">Chandan S</contributor>
+            </submitted>
+            <status_change date="2009-04-21T14:30:43.511-04:00">DRAFT</status_change>
+          </dates>
+          <status>DRAFT</status>
+        </oval_repository>
+      </metadata>
+      <criteria operator="OR">
+        <criteria operator="AND">
+          <criteria operator="OR">
+            <extend_definition comment="Microsoft Windows XP (x86) SP2 is installed" definition_ref="oval:org.mitre.oval:def:754"/>
+            <extend_definition comment="Microsoft Windows XP (x86) SP3 is installed" definition_ref="oval:org.mitre.oval:def:5631"/>
+            <extend_definition comment="Microsoft Windows Vista (32-bit) is installed" definition_ref="oval:org.mitre.oval:def:1282"/>
+            <extend_definition comment="Microsoft Windows Vista (32-bit) Service Pack 1 is installed" definition_ref="oval:org.mitre.oval:def:4873"/>
+            <extend_definition comment="Microsoft Windows Server 2003 SP1 (x86) is installed" definition_ref="oval:org.mitre.oval:def:565"/>
+            <extend_definition comment="Microsoft Windows Server 2003 SP2 (x86) is installed" definition_ref="oval:org.mitre.oval:def:1935"/>
+          </criteria>
+          <criterion comment="Seamonkey version is less than or equal to 1.1.15" test_ref="oval:org.mitre.oval:tst:9759"/>
+        </criteria>
+      </criteria>
+    </definition>
+    <definition id="oval:org.mitre.oval:def:5945" version="0" class="vulnerability">
+      <metadata>
+        <title>Mozilla Seamonkey Denial of Service Vulnerability</title>
+        <affected family="windows">
+          <platform>Microsoft Windows XP</platform>
+          <platform>Microsoft Windows 2003</platform>
+          <platform>Microsoft Windows Vista</platform>
+          <product>Mozilla Seamonkey</product>
+        </affected>
+        <reference source="CVE" ref_id="CVE-2009-0772" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0772"/>
+        <description>The layout engine in Mozilla Firefox 2 and 3 before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey 1.1.15 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to nsCSSStyleSheet::GetOwnerNode, events, and garbage collection, which triggers memory corruption.</description>
+        <oval_repository>
+          <dates>
+            <submitted date="2009-04-17T15:11:12">
+              <contributor organization="SecPod Technologies">Chandan S</contributor>
+            </submitted>
+            <status_change date="2009-04-21T14:30:43.262-04:00">DRAFT</status_change>
+          </dates>
+          <status>DRAFT</status>
+        </oval_repository>
+      </metadata>
+      <criteria operator="OR">
+        <criteria operator="AND">
+          <criteria operator="OR">
+            <extend_definition comment="Microsoft Windows XP (x86) SP2 is installed" definition_ref="oval:org.mitre.oval:def:754"/>
+            <extend_definition comment="Microsoft Windows XP (x86) SP3 is installed" definition_ref="oval:org.mitre.oval:def:5631"/>
+            <extend_definition comment="Microsoft Windows Vista (32-bit) is installed" definition_ref="oval:org.mitre.oval:def:1282"/>
+            <extend_definition comment="Microsoft Windows Vista (32-bit) Service Pack 1 is installed" definition_ref="oval:org.mitre.oval:def:4873"/>
+            <extend_definition comment="Microsoft Windows Server 2003 SP1 (x86) is installed" definition_ref="oval:org.mitre.oval:def:565"/>
+            <extend_definition comment="Microsoft Windows Server 2003 SP2 (x86) is installed" definition_ref="oval:org.mitre.oval:def:1935"/>
+          </criteria>
+          <criterion comment="Seamonkey version is less than or equal to 1.1.15" test_ref="oval:org.mitre.oval:tst:9759"/>
+        </criteria>
+      </criteria>
+    </definition>
+    <definition id="oval:org.mitre.oval:def:5947" version="0" class="vulnerability">
+      <metadata>
+        <title>Mozilla Firefox gczeal (vector) Denial of Service Vulnerability</title>
+        <affected family="windows">
+          <platform>Microsoft Windows XP</platform>
+          <platform>Microsoft Windows 2003</platform>
+          <platform>Microsoft Windows Vista</platform>
+          <product>Mozilla Firefox</product>
+        </affected>
+        <reference source="CVE" ref_id="CVE-2009-0774" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0774"/>
+        <description>The layout engine in Mozilla Firefox 2 and 3 before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey 1.1.15 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to gczeal, a different vulnerability than CVE-2009-0773.</description>
+        <oval_repository>
+          <dates>
+            <submitted date="2009-04-14T09:45:11">
+              <contributor organization="SecPod Technologies">Chandan S</contributor>
+            </submitted>
+            <status_change date="2009-04-21T14:30:42.976-04:00">DRAFT</status_change>
+          </dates>
+          <status>DRAFT</status>
+        </oval_repository>
+      </metadata>
+      <criteria operator="OR">
+        <criteria operator="AND">
+          <criteria operator="OR">
+            <extend_definition comment="Microsoft Windows XP (x86) SP2 is installed" definition_ref="oval:org.mitre.oval:def:754"/>
+            <extend_definition comment="Microsoft Windows XP (x86) SP3 is installed" definition_ref="oval:org.mitre.oval:def:5631"/>
+            <extend_definition comment="Microsoft Windows Vista (32-bit) is installed" definition_ref="oval:org.mitre.oval:def:1282"/>
+            <extend_definition comment="Microsoft Windows Vista (32-bit) Service Pack 1 is installed" definition_ref="oval:org.mitre.oval:def:4873"/>
+            <extend_definition comment="Microsoft Windows Server 2003 SP1 (x86) is installed" definition_ref="oval:org.mitre.oval:def:565"/>
+            <extend_definition comment="Microsoft Windows Server 2003 SP2 (x86) is installed" definition_ref="oval:org.mitre.oval:def:1935"/>
+          </criteria>
+          <criterion comment="Firefox version is less than or equal to 3.0.6" test_ref="oval:org.mitre.oval:tst:9992"/>
+        </criteria>
+      </criteria>
+    </definition>
+    <definition id="oval:org.mitre.oval:def:5956" version="0" class="vulnerability">
+      <metadata>
+        <title>Mozilla Firefox security bypass Vulnerability</title>
+        <affected family="windows">
+          <platform>Microsoft Windows XP</platform>
+          <platform>Microsoft Windows 2003</platform>
+          <platform>Microsoft Windows Vista</platform>
+          <product>Mozilla Firefox</product>
+        </affected>
+        <reference source="CVE" ref_id="CVE-2009-0776" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0776"/>
+        <description>nsIRDFService in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 allows remote attackers to bypass the same-origin policy and read XML data from another domain via a cross-domain redirect.</description>
+        <oval_repository>
+          <dates>
+            <submitted date="2009-04-14T09:45:11">
+              <contributor organization="SecPod Technologies">Chandan S</contributor>
+            </submitted>
+            <status_change date="2009-04-21T14:30:42.647-04:00">DRAFT</status_change>
+          </dates>
+          <status>DRAFT</status>
+        </oval_repository>
+      </metadata>
+      <criteria operator="OR">
+        <criteria operator="AND">
+          <criteria operator="OR">
+            <extend_definition comment="Microsoft Windows XP (x86) SP2 is installed" definition_ref="oval:org.mitre.oval:def:754"/>
+            <extend_definition comment="Microsoft Windows XP (x86) SP3 is installed" definition_ref="oval:org.mitre.oval:def:5631"/>
+            <extend_definition comment="Microsoft Windows Vista (32-bit) is installed" definition_ref="oval:org.mitre.oval:def:1282"/>
+            <extend_definition comment="Microsoft Windows Vista (32-bit) Service Pack 1 is installed" definition_ref="oval:org.mitre.oval:def:4873"/>
+            <extend_definition comment="Microsoft Windows Server 2003 SP1 (x86) is installed" definition_ref="oval:org.mitre.oval:def:565"/>
+            <extend_definition comment="Microsoft Windows Server 2003 SP2 (x86) is installed" definition_ref="oval:org.mitre.oval:def:1935"/>
+          </criteria>
+          <criterion comment="Firefox version is less than or equal to 3.0.6" test_ref="oval:org.mitre.oval:tst:9992"/>
+        </criteria>
+      </criteria>
+    </definition>
+    <definition id="oval:org.mitre.oval:def:5976" version="0" class="vulnerability">
+      <metadata>
+        <title>Wireshark PROFINET/DCP (PN-DCP) dissector Denial of Service Vulnerability</title>
+        <affected family="windows">
+          <platform>Microsoft Windows XP</platform>
+          <platform>Microsoft Windows Vista</platform>
+          <product>Wireshark</product>
+        </affected>
+        <reference source="CVE" ref_id="CVE-2009-1210" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1210"/>
+        <description>Format string vulnerability in the PROFINET/DCP (PN-DCP) dissector in Wireshark 1.0.6 and earlier allows remote attackers to execute arbitrary code via a PN-DCP packet with format string specifiers in the station name.  NOTE: some of these details are obtained from third party information.</description>
+        <oval_repository>
+          <dates>
+            <submitted date="2009-04-16T16:30:43">
+              <contributor organization="SecPod Technologies">Chandan S</contributor>
+            </submitted>
+            <status_change date="2009-04-21T14:30:42.055-04:00">DRAFT</status_change>
+          </dates>
+          <status>DRAFT</status>
+        </oval_repository>
+      </metadata>
+      <criteria operator="OR">
+        <criteria operator="AND">
+          <criteria operator="OR">
+            <extend_definition comment="Microsoft Windows XP (x86) SP2 is installed" definition_ref="oval:org.mitre.oval:def:754"/>
+            <extend_definition comment="Microsoft Windows XP (x86) SP3 is installed" definition_ref="oval:org.mitre.oval:def:5631"/>
+            <extend_definition comment="Microsoft Windows Vista (32-bit) is installed" definition_ref="oval:org.mitre.oval:def:1282"/>
+            <extend_definition comment="Microsoft Windows Vista (32-bit) Service Pack 1 is installed" definition_ref="oval:org.mitre.oval:def:4873"/>
+          </criteria>
+          <criterion comment="Wireshark version is less than or equal to 1.0.6" test_ref="oval:org.mitre.oval:tst:9785"/>
+        </criteria>
+      </criteria>
+    </definition>
+    <definition id="oval:org.mitre.oval:def:5980" version="0" class="vulnerability">
+      <metadata>
+        <title>Mozilla Thunderbird Denial of Service and arbitrary code execution Vulnerabilities</title>
+        <affected family="windows">
+          <platform>Microsoft Windows XP</platform>
+          <platform>Microsoft Windows 2003</platform>
+          <platform>Microsoft Windows Vista</platform>
+          <product>Mozilla Thunderbird</product>
+        </affected>
+        <reference source="CVE" ref_id="CVE-2009-0773" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0773"/>
+        <description>The JavaScript engine in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey 1.1.15 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) a splice of an array that contains "some non-set elements," which causes jsarray.cpp to pass an incorrect argument to the ResizeSlots function, which triggers memory corruption; (2) vectors related to js_DecompileValueGenerator, jsopcode.cpp, __defineSetter__, and watch, which triggers an assertion failure or a segmentation fault; and (3) vectors related to gczeal, __defineSetter__, and watch, which triggers a hang.</description>
+        <oval_repository>
+          <dates>
+            <submitted date="2009-04-16T09:45:11">
+              <contributor organization="SecPod Technologies">Chandan S</contributor>
+            </submitted>
+            <status_change date="2009-04-21T14:30:41.699-04:00">DRAFT</status_change>
+          </dates>
+          <status>DRAFT</status>
+        </oval_repository>
+      </metadata>
+      <criteria operator="OR">
+        <criteria operator="AND">
+          <criteria operator="OR">
+            <extend_definition comment="Microsoft Windows XP (x86) SP2 is installed" definition_ref="oval:org.mitre.oval:def:754"/>
+            <extend_definition comment="Microsoft Windows XP (x86) SP3 is installed" definition_ref="oval:org.mitre.oval:def:5631"/>
+            <extend_definition comment="Microsoft Windows Vista (32-bit) is installed" definition_ref="oval:org.mitre.oval:def:1282"/>
+            <extend_definition comment="Microsoft Windows Vista (32-bit) Service Pack 1 is installed" definition_ref="oval:org.mitre.oval:def:4873"/>
+            <extend_definition comment="Microsoft Windows Server 2003 SP1 (x86) is installed" definition_ref="oval:org.mitre.oval:def:565"/>
+            <extend_definition comment="Microsoft Windows Server 2003 SP2 (x86) is installed" definition_ref="oval:org.mitre.oval:def:1935"/>
+          </criteria>
+          <criterion comment="Thunderbird version is less than or equal to 2.0.0.20" test_ref="oval:org.mitre.oval:tst:9988"/>
+        </criteria>
+      </criteria>
+    </definition>
+    <definition id="oval:org.mitre.oval:def:6017" version="0" class="vulnerability">
+      <metadata>
+        <title>Mozilla Seamonkey security bypass Vulnerability</title>
+        <affected family="windows">
+          <platform>Microsoft Windows XP</platform>
+          <platform>Microsoft Windows 2003</platform>
+          <platform>Microsoft Windows Vista</platform>
+          <product>Mozilla Seamonkey</product>
+        </affected>
+        <reference source="CVE" ref_id="CVE-2009-0776" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0776"/>
+        <description>nsIRDFService in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 allows remote attackers to bypass the same-origin policy and read XML data from another domain via a cross-domain redirect.</description>
+        <oval_repository>
+          <dates>
+            <submitted date="2009-04-17T15:11:12">
+              <contributor organization="SecPod Technologies">Chandan S</contributor>
+            </submitted>
+            <status_change date="2009-04-21T14:30:41.386-04:00">DRAFT</status_change>
+          </dates>
+          <status>DRAFT</status>
+        </oval_repository>
+      </metadata>
+      <criteria operator="OR">
+        <criteria operator="AND">
+          <criteria operator="OR">
+            <extend_definition comment="Microsoft Windows XP (x86) SP2 is installed" definition_ref="oval:org.mitre.oval:def:754"/>
+            <extend_definition comment="Microsoft Windows XP (x86) SP3 is installed" definition_ref="oval:org.mitre.oval:def:5631"/>
+            <extend_definition comment="Microsoft Windows Vista (32-bit) is installed" definition_ref="oval:org.mitre.oval:def:1282"/>
+            <extend_definition comment="Microsoft Windows Vista (32-bit) Service Pack 1 is installed" definition_ref="oval:org.mitre.oval:def:4873"/>
+            <extend_definition comment="Microsoft Windows Server 2003 SP1 (x86) is installed" definition_ref="oval:org.mitre.oval:def:565"/>
+            <extend_definition comment="Microsoft Windows Server 2003 SP2 (x86) is installed" definition_ref="oval:org.mitre.oval:def:1935"/>
+          </criteria>
+          <criterion comment="Seamonkey version is less than or equal to 1.1.15" test_ref="oval:org.mitre.oval:tst:9759"/>
+        </criteria>
+      </criteria>
+    </definition>
+    <definition id="oval:org.mitre.oval:def:6039" version="0" class="vulnerability">
+      <metadata>
+        <title>Mozilla Thunderbird Phishing Vulnerability</title>
+        <affected family="windows">
+          <platform>Microsoft Windows XP</platform>
+          <platform>Microsoft Windows 2003</platform>
+          <platform>Microsoft Windows Vista</platform>
+          <product>Mozilla Thunderbird</product>
+        </affected>
+        <reference source="CVE" ref_id="CVE-2009-0777" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0777"/>
+        <description>Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 decode invisible characters when they are displayed in the location bar, which causes an incorrect address to be displayed and makes it easier for remote attackers to spoof URLs and conduct phishing attacks.</description>
+        <oval_repository>
+          <dates>
+            <submitted date="2009-04-16T09:45:11">
+              <contributor organization="SecPod Technologies">Chandan S</contributor>
+            </submitted>
+            <status_change date="2009-04-21T14:30:41.104-04:00">DRAFT</status_change>
+          </dates>
+          <status>DRAFT</status>
+        </oval_repository>
+      </metadata>
+      <criteria operator="OR">
+        <criteria operator="AND">
+          <criteria operator="OR">
+            <extend_definition comment="Microsoft Windows XP (x86) SP2 is installed" definition_ref="oval:org.mitre.oval:def:754"/>
+            <extend_definition comment="Microsoft Windows XP (x86) SP3 is installed" definition_ref="oval:org.mitre.oval:def:5631"/>
+            <extend_definition comment="Microsoft Windows Vista (32-bit) is installed" definition_ref="oval:org.mitre.oval:def:1282"/>
+            <extend_definition comment="Microsoft Windows Vista (32-bit) Service Pack 1 is installed" definition_ref="oval:org.mitre.oval:def:4873"/>
+            <extend_definition comment="Microsoft Windows Server 2003 SP1 (x86) is installed" definition_ref="oval:org.mitre.oval:def:565"/>
+            <extend_definition comment="Microsoft Windows Server 2003 SP2 (x86) is installed" definition_ref="oval:org.mitre.oval:def:1935"/>
+          </criteria>
+          <criterion comment="Thunderbird version is less than or equal to 2.0.0.20" test_ref="oval:org.mitre.oval:tst:9988"/>
+        </criteria>
+      </criteria>
+    </definition>
+    <definition id="oval:org.mitre.oval:def:6057" version="0" class="vulnerability">
+      <metadata>
+        <title>Mozilla Seamonkey gczeal (vector) Denial of Service Vulnerability</title>
+        <affected family="windows">
+          <platform>Microsoft Windows XP</platform>
+          <platform>Microsoft Windows 2003</platform>
+          <platform>Microsoft Windows Vista</platform>
+          <product>Mozilla Seamonkey</product>
+        </affected>
+        <reference source="CVE" ref_id="CVE-2009-0774" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0774"/>
+        <description>The layout engine in Mozilla Firefox 2 and 3 before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey 1.1.15 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to gczeal, a different vulnerability than CVE-2009-0773.</description>
+        <oval_repository>
+          <dates>
+            <submitted date="2009-04-17T15:11:12">
+              <contributor organization="SecPod Technologies">Chandan S</contributor>
+            </submitted>
+            <status_change date="2009-04-21T14:30:40.848-04:00">DRAFT</status_change>
+          </dates>
+          <status>DRAFT</status>
+        </oval_repository>
+      </metadata>
+      <criteria operator="OR">
+        <criteria operator="AND">
+          <criteria operator="OR">
+            <extend_definition comment="Microsoft Windows XP (x86) SP2 is installed" definition_ref="oval:org.mitre.oval:def:754"/>
+            <extend_definition comment="Microsoft Windows XP (x86) SP3 is installed" definition_ref="oval:org.mitre.oval:def:5631"/>
+            <extend_definition comment="Microsoft Windows Vista (32-bit) is installed" definition_ref="oval:org.mitre.oval:def:1282"/>
+            <extend_definition comment="Microsoft Windows Vista (32-bit) Service Pack 1 is installed" definition_ref="oval:org.mitre.oval:def:4873"/>
+            <extend_definition comment="Microsoft Windows Server 2003 SP1 (x86) is installed" definition_ref="oval:org.mitre.oval:def:565"/>
+            <extend_definition comment="Microsoft Windows Server 2003 SP2 (x86) is installed" definition_ref="oval:org.mitre.oval:def:1935"/>
+          </criteria>
+          <criterion comment="Seamonkey version is less than or equal to 1.1.15" test_ref="oval:org.mitre.oval:tst:9759"/>
+        </criteria>
+      </criteria>
+    </definition>
+    <definition id="oval:org.mitre.oval:def:6097" version="0" class="vulnerability">
+      <metadata>
+        <title>Mozilla Firefox Denial of Service Vulnerability</title>
+        <affected family="windows">
+          <platform>Microsoft Windows XP</platform>
+          <platform>Microsoft Windows 2003</platform>
+          <platform>Microsoft Windows Vista</platform>
+          <product>Mozilla Firefox</product>
+        </affected>
+        <reference source="CVE" ref_id="CVE-2009-0772" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0772"/>
+        <description>The layout engine in Mozilla Firefox 2 and 3 before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey 1.1.15 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to nsCSSStyleSheet::GetOwnerNode, events, and garbage collection, which triggers memory corruption.</description>
+        <oval_repository>
+          <dates>
+            <submitted date="2009-04-14T09:45:11">
+              <contributor organization="SecPod Technologies">Chandan S</contributor>
+            </submitted>
+            <status_change date="2009-04-21T14:30:40.464-04:00">DRAFT</status_change>
+          </dates>
+          <status>DRAFT</status>
+        </oval_repository>
+      </metadata>
+      <criteria operator="OR">
+        <criteria operator="AND">
+          <criteria operator="OR">
+            <extend_definition comment="Microsoft Windows XP (x86) SP2 is installed" definition_ref="oval:org.mitre.oval:def:754"/>
+            <extend_definition comment="Microsoft Windows XP (x86) SP3 is installed" definition_ref="oval:org.mitre.oval:def:5631"/>
+            <extend_definition comment="Microsoft Windows Vista (32-bit) is installed" definition_ref="oval:org.mitre.oval:def:1282"/>
+            <extend_definition comment="Microsoft Windows Vista (32-bit) Service Pack 1 is installed" definition_ref="oval:org.mitre.oval:def:4873"/>
+            <extend_definition comment="Microsoft Windows Server 2003 SP1 (x86) is installed" definition_ref="oval:org.mitre.oval:def:565"/>
+            <extend_definition comment="Microsoft Windows Server 2003 SP2 (x86) is installed" definition_ref="oval:org.mitre.oval:def:1935"/>
+          </criteria>
+          <criterion comment="Firefox version is less than or equal to 3.0.6" test_ref="oval:org.mitre.oval:tst:9992"/>
+        </criteria>
+      </criteria>
+    </definition>
+    <definition id="oval:org.mitre.oval:def:6099" version="0" class="vulnerability">
+      <metadata>
+        <title>Wireshark LDAP dissector Denial of Service Vulnerability</title>
+        <affected family="windows">
+          <platform>Microsoft Windows XP</platform>
+          <platform>Microsoft Windows Vista</platform>
+          <product>Wireshark</product>
+        </affected>
+        <reference source="CVE" ref_id="CVE-2009-1267" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1267"/>
+        <description>Unspecified vulnerability in the LDAP dissector in Wireshark 0.99.2 through 1.0.6, when running on Windows, allows remote attackers to cause a denial of service (crash) via unknown attack vectors.</description>
+        <oval_repository>
+          <dates>
+            <submitted date="2009-04-16T16:30:43">
+              <contributor organization="SecPod Technologies">Chandan S</contributor>
+            </submitted>
+            <status_change date="2009-04-21T14:30:40.197-04:00">DRAFT</status_change>
+          </dates>
+          <status>DRAFT</status>
+        </oval_repository>
+      </metadata>
+      <criteria operator="OR">
+        <criteria operator="AND">
+          <criteria operator="OR">
+            <extend_definition comment="Microsoft Windows XP (x86) SP2 is installed" definition_ref="oval:org.mitre.oval:def:754"/>
+            <extend_definition comment="Microsoft Windows XP (x86) SP3 is installed" definition_ref="oval:org.mitre.oval:def:5631"/>
+            <extend_definition comment="Microsoft Windows Vista (32-bit) is installed" definition_ref="oval:org.mitre.oval:def:1282"/>
+            <extend_definition comment="Microsoft Windows Vista (32-bit) Service Pack 1 is installed" definition_ref="oval:org.mitre.oval:def:4873"/>
+          </criteria>
+          <criterion comment="Wireshark version is less than or equal to 1.0.6" test_ref="oval:org.mitre.oval:tst:9785"/>
+        </criteria>
+      </criteria>
+    </definition>
+    <definition id="oval:org.mitre.oval:def:6121" version="0" class="vulnerability">
+      <metadata>
+        <title>Mozilla Thunderbird gczeal (vector) Denial of Service Vulnerability</title>
+        <affected family="windows">
+          <platform>Microsoft Windows XP</platform>
+          <platform>Microsoft Windows 2003</platform>
+          <platform>Microsoft Windows Vista</platform>
+          <product>Mozilla Thunderbird</product>
+        </affected>
+        <reference source="CVE" ref_id="CVE-2009-0774" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0774"/>
+        <description>The layout engine in Mozilla Firefox 2 and 3 before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey 1.1.15 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to gczeal, a different vulnerability than CVE-2009-0773.</description>
+        <oval_repository>
+          <dates>
+            <submitted date="2009-04-16T09:45:11">
+              <contributor organization="SecPod Technologies">Chandan S</contributor>
+            </submitted>
+            <status_change date="2009-04-21T14:30:39.738-04:00">DRAFT</status_change>
+          </dates>
+          <status>DRAFT</status>
+        </oval_repository>
+      </metadata>
+      <criteria operator="OR">
+        <criteria operator="AND">
+          <criteria operator="OR">
+            <extend_definition comment="Microsoft Windows XP (x86) SP2 is installed" definition_ref="oval:org.mitre.oval:def:754"/>
+            <extend_definition comment="Microsoft Windows XP (x86) SP3 is installed" definition_ref="oval:org.mitre.oval:def:5631"/>
+            <extend_definition comment="Microsoft Windows Vista (32-bit) is installed" definition_ref="oval:org.mitre.oval:def:1282"/>
+            <extend_definition comment="Microsoft Windows Vista (32-bit) Service Pack 1 is installed" definition_ref="oval:org.mitre.oval:def:4873"/>
+            <extend_definition comment="Microsoft Windows Server 2003 SP1 (x86) is installed" definition_ref="oval:org.mitre.oval:def:565"/>
+            <extend_definition comment="Microsoft Windows Server 2003 SP2 (x86) is installed" definition_ref="oval:org.mitre.oval:def:1935"/>
+          </criteria>
+          <criterion comment="Thunderbird version is less than or equal to 2.0.0.20" test_ref="oval:org.mitre.oval:tst:9988"/>
+        </criteria>
+      </criteria>
+    </definition>
+    <definition id="oval:org.mitre.oval:def:6141" version="0" class="vulnerability">
+      <metadata>
+        <title>Mozilla Firefox Denial of Service and arbitrary code execution Vulnerabilities</title>
+        <affected family="windows">
+          <platform>Microsoft Windows XP</platform>
+          <platform>Microsoft Windows 2003</platform>
+          <platform>Microsoft Windows Vista</platform>
+          <product>Mozilla Firefox</product>
+        </affected>
+        <reference source="CVE" ref_id="CVE-2009-0773" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0773"/>
+        <description>The JavaScript engine in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey 1.1.15 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) a splice of an array that contains "some non-set elements," which causes jsarray.cpp to pass an incorrect argument to the ResizeSlots function, which triggers memory corruption; (2) vectors related to js_DecompileValueGenerator, jsopcode.cpp, __defineSetter__, and watch, which triggers an assertion failure or a segmentation fault; and (3) vectors related to gczeal, __defineSetter__, and watch, which triggers a hang.</description>
+        <oval_repository>
+          <dates>
+            <submitted date="2009-04-14T09:45:11">
+              <contributor organization="SecPod Technologies">Chandan S</contributor>
+            </submitted>
+            <status_change date="2009-04-21T14:30:39.267-04:00">DRAFT</status_change>
+          </dates>
+          <status>DRAFT</status>
+        </oval_repository>
+      </metadata>
+      <criteria operator="OR">
+        <criteria operator="AND">
+          <criteria operator="OR">
+            <extend_definition comment="Microsoft Windows XP (x86) SP2 is installed" definition_ref="oval:org.mitre.oval:def:754"/>
+            <extend_definition comment="Microsoft Windows XP (x86) SP3 is installed" definition_ref="oval:org.mitre.oval:def:5631"/>
+            <extend_definition comment="Microsoft Windows Vista (32-bit) is installed" definition_ref="oval:org.mitre.oval:def:1282"/>
+            <extend_definition comment="Microsoft Windows Vista (32-bit) Service Pack 1 is installed" definition_ref="oval:org.mitre.oval:def:4873"/>
+            <extend_definition comment="Microsoft Windows Server 2003 SP1 (x86) is installed" definition_ref="oval:org.mitre.oval:def:565"/>
+            <extend_definition comment="Microsoft Windows Server 2003 SP2 (x86) is installed" definition_ref="oval:org.mitre.oval:def:1935"/>
+          </criteria>
+          <criterion comment="Firefox version is less than or equal to 3.0.6" test_ref="oval:org.mitre.oval:tst:9992"/>
+        </criteria>
+      </criteria>
+    </definition>
+    <definition id="oval:org.mitre.oval:def:6157" version="0" class="vulnerability">
+      <metadata>
+        <title>Mozilla Firefox Phishing Vulnerability</title>
+        <affected family="windows">
+          <platform>Microsoft Windows XP</platform>
+          <platform>Microsoft Windows 2003</platform>
+          <platform>Microsoft Windows Vista</platform>
+          <product>Mozilla Firefox</product>
+        </affected>
+        <reference source="CVE" ref_id="CVE-2009-0777" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0777"/>
+        <description>Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 decode invisible characters when they are displayed in the location bar, which causes an incorrect address to be displayed and makes it easier for remote attackers to spoof URLs and conduct phishing attacks.</description>
+        <oval_repository>
+          <dates>
+            <submitted date="2009-04-14T09:45:11">
+              <contributor organization="SecPod Technologies">Chandan S</contributor>
+            </submitted>
+            <status_change date="2009-04-21T14:30:39.025-04:00">DRAFT</status_change>
+          </dates>
+          <status>DRAFT</status>
+        </oval_repository>
+      </metadata>
+      <criteria operator="OR">
+        <criteria operator="AND">
+          <criteria operator="OR">
+            <extend_definition comment="Microsoft Windows XP (x86) SP2 is installed" definition_ref="oval:org.mitre.oval:def:754"/>
+            <extend_definition comment="Microsoft Windows XP (x86) SP3 is installed" definition_ref="oval:org.mitre.oval:def:5631"/>
+            <extend_definition comment="Microsoft Windows Vista (32-bit) is installed" definition_ref="oval:org.mitre.oval:def:1282"/>
+            <extend_definition comment="Microsoft Windows Vista (32-bit) Service Pack 1 is installed" definition_ref="oval:org.mitre.oval:def:4873"/>
+            <extend_definition comment="Microsoft Windows Server 2003 SP1 (x86) is installed" definition_ref="oval:org.mitre.oval:def:565"/>
+            <extend_definition comment="Microsoft Windows Server 2003 SP2 (x86) is installed" definition_ref="oval:org.mitre.oval:def:1935"/>
+          </criteria>
+          <criterion comment="Firefox version is less than or equal to 3.0.6" test_ref="oval:org.mitre.oval:tst:9992"/>
+        </criteria>
+      </criteria>
+    </definition>
+    <definition id="oval:org.mitre.oval:def:6163" version="0" class="vulnerability">
+      <metadata>
+        <title>Mozilla Thunderbird memory corruption Vulnerability</title>
+        <affected family="windows">
+          <platform>Microsoft Windows XP</platform>
+          <platform>Microsoft Windows 2003</platform>
+          <platform>Microsoft Windows Vista</platform>
+          <product>Mozilla Thunderbird</product>
+        </affected>
+        <reference source="CVE" ref_id="CVE-2009-0771" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0771"/>
+        <description>The layout engine in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey 1.1.15 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via certain vectors that trigger memory corruption and assertion failures.</description>
+        <oval_repository>
+          <dates>
+            <submitted date="2009-04-16T09:45:11">
+              <contributor organization="SecPod Technologies">Chandan S</contributor>
+            </submitted>
+            <status_change date="2009-04-21T14:30:38.779-04:00">DRAFT</status_change>
+          </dates>
+          <status>DRAFT</status>
+        </oval_repository>
+      </metadata>
+      <criteria operator="OR">
+        <criteria operator="AND">
+          <criteria operator="OR">
+            <extend_definition comment="Microsoft Windows XP (x86) SP2 is installed" definition_ref="oval:org.mitre.oval:def:754"/>
+            <extend_definition comment="Microsoft Windows XP (x86) SP3 is installed" definition_ref="oval:org.mitre.oval:def:5631"/>
+            <extend_definition comment="Microsoft Windows Vista (32-bit) is installed" definition_ref="oval:org.mitre.oval:def:1282"/>
+            <extend_definition comment="Microsoft Windows Vista (32-bit) Service Pack 1 is installed" definition_ref="oval:org.mitre.oval:def:4873"/>
+            <extend_definition comment="Microsoft Windows Server 2003 SP1 (x86) is installed" definition_ref="oval:org.mitre.oval:def:565"/>
+            <extend_definition comment="Microsoft Windows Server 2003 SP2 (x86) is installed" definition_ref="oval:org.mitre.oval:def:1935"/>
+          </criteria>
+          <criterion comment="Thunderbird version is less than or equal to 2.0.0.20" test_ref="oval:org.mitre.oval:tst:9988"/>
+        </criteria>
+      </criteria>
+    </definition>
+    <definition id="oval:org.mitre.oval:def:6191" version="0" class="vulnerability">
+      <metadata>
+        <title>Mozilla Thunderbird security bypass Vulnerability</title>
+        <affected family="windows">
+          <platform>Microsoft Windows XP</platform>
+          <platform>Microsoft Windows 2003</platform>
+          <platform>Microsoft Windows Vista</platform>
+          <product>Mozilla Thunderbird</product>
+        </affected>
+        <reference source="CVE" ref_id="CVE-2009-0776" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0776"/>
+        <description>nsIRDFService in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 allows remote attackers to bypass the same-origin policy and read XML data from another domain via a cross-domain redirect.</description>
+        <oval_repository>
+          <dates>
+            <submitted date="2009-04-16T09:45:11">
+              <contributor organization="SecPod Technologies">Chandan S</contributor>
+            </submitted>
+            <status_change date="2009-04-21T14:30:38.104-04:00">DRAFT</status_change>
+          </dates>
+          <status>DRAFT</status>
+        </oval_repository>
+      </metadata>
+      <criteria operator="OR">
+        <criteria operator="AND">
+          <criteria operator="OR">
+            <extend_definition comment="Microsoft Windows XP (x86) SP2 is installed" definition_ref="oval:org.mitre.oval:def:754"/>
+            <extend_definition comment="Microsoft Windows XP (x86) SP3 is installed" definition_ref="oval:org.mitre.oval:def:5631"/>
+            <extend_definition comment="Microsoft Windows Vista (32-bit) is installed" definition_ref="oval:org.mitre.oval:def:1282"/>
+            <extend_definition comment="Microsoft Windows Vista (32-bit) Service Pack 1 is installed" definition_ref="oval:org.mitre.oval:def:4873"/>
+            <extend_definition comment="Microsoft Windows Server 2003 SP1 (x86) is installed" definition_ref="oval:org.mitre.oval:def:565"/>
+            <extend_definition comment="Microsoft Windows Server 2003 SP2 (x86) is installed" definition_ref="oval:org.mitre.oval:def:1935"/>
+          </criteria>
+          <criterion comment="Thunderbird version is less than or equal to 2.0.0.20" test_ref="oval:org.mitre.oval:tst:9988"/>
+        </criteria>
+      </criteria>
+    </definition>
+    <definition id="oval:org.mitre.oval:def:6196" version="0" class="vulnerability">
+      <metadata>
+        <title>Mozilla Firefox memory corruption Vulnerability</title>
+        <affected family="windows">
+          <platform>Microsoft Windows XP</platform>
+          <platform>Microsoft Windows 2003</platform>
+          <platform>Microsoft Windows Vista</platform>
+          <product>Mozilla Firefox</product>
+        </affected>
+        <reference source="CVE" ref_id="CVE-2009-0771" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0771"/>
+        <description>The layout engine in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey 1.1.15 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via certain vectors that trigger memory corruption and assertion failures.</description>
+        <oval_repository>
+          <dates>
+            <submitted date="2009-04-14T09:45:11">
+              <contributor organization="SecPod Technologies">Chandan S</contributor>
+            </submitted>
+            <status_change date="2009-04-21T14:30:37.413-04:00">DRAFT</status_change>
+          </dates>
+          <status>DRAFT</status>
+        </oval_repository>
+      </metadata>
+      <criteria operator="OR">
+        <criteria operator="AND">
+          <criteria operator="OR">
+            <extend_definition comment="Microsoft Windows XP (x86) SP2 is installed" definition_ref="oval:org.mitre.oval:def:754"/>
+            <extend_definition comment="Microsoft Windows XP (x86) SP3 is installed" definition_ref="oval:org.mitre.oval:def:5631"/>
+            <extend_definition comment="Microsoft Windows Vista (32-bit) is installed" definition_ref="oval:org.mitre.oval:def:1282"/>
+            <extend_definition comment="Microsoft Windows Vista (32-bit) Service Pack 1 is installed" definition_ref="oval:org.mitre.oval:def:4873"/>
+            <extend_definition comment="Microsoft Windows Server 2003 SP1 (x86) is installed" definition_ref="oval:org.mitre.oval:def:565"/>
+            <extend_definition comment="Microsoft Windows Server 2003 SP2 (x86) is installed" definition_ref="oval:org.mitre.oval:def:1935"/>
+          </criteria>
+          <criterion comment="Firefox version is less than or equal to 3.0.6" test_ref="oval:org.mitre.oval:tst:9992"/>
+        </criteria>
+      </criteria>
+    </definition>
+    <definition id="oval:org.mitre.oval:def:6207" version="0" class="vulnerability">
+      <metadata>
+        <title>Mozilla Firefox remote code execution Vulnerability</title>
+        <affected family="windows">
+          <platform>Microsoft Windows XP</platform>
+          <platform>Microsoft Windows 2003</platform>
+          <platform>Microsoft Windows Vista</platform>
+          <product>Mozilla Firefox</product>
+        </affected>
+        <reference source="CVE" ref_id="CVE-2009-0775" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0775"/>
+        <description>Double free vulnerability in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 allows remote attackers to execute arbitrary code via "cloned XUL DOM elements which were linked as a parent and child," which are not properly handled during garbage collection.</description>
+        <oval_repository>
+          <dates>
+            <submitted date="2009-04-14T09:45:11">
+              <contributor organization="SecPod Technologies">Chandan S</contributor>
+            </submitted>
+            <status_change date="2009-04-21T14:30:36.815-04:00">DRAFT</status_change>
+          </dates>
+          <status>DRAFT</status>
+        </oval_repository>
+      </metadata>
+      <criteria operator="OR">
+        <criteria operator="AND">
+          <criteria operator="OR">
+            <extend_definition comment="Microsoft Windows XP (x86) SP2 is installed" definition_ref="oval:org.mitre.oval:def:754"/>
+            <extend_definition comment="Microsoft Windows XP (x86) SP3 is installed" definition_ref="oval:org.mitre.oval:def:5631"/>
+            <extend_definition comment="Microsoft Windows Vista (32-bit) is installed" definition_ref="oval:org.mitre.oval:def:1282"/>
+            <extend_definition comment="Microsoft Windows Vista (32-bit) Service Pack 1 is installed" definition_ref="oval:org.mitre.oval:def:4873"/>
+            <extend_definition comment="Microsoft Windows Server 2003 SP1 (x86) is installed" definition_ref="oval:org.mitre.oval:def:565"/>
+            <extend_definition comment="Microsoft Windows Server 2003 SP2 (x86) is installed" definition_ref="oval:org.mitre.oval:def:1935"/>
+          </criteria>
+          <criterion comment="Firefox version is less than or equal to 3.0.6" test_ref="oval:org.mitre.oval:tst:9992"/>
+        </criteria>
+      </criteria>
+    </definition>
+    <definition id="oval:org.mitre.oval:def:6229" version="0" class="vulnerability">
+      <metadata>
+        <title>Mozilla Seamonkey Phishing Vulnerability</title>
+        <affected family="windows">
+          <platform>Microsoft Windows XP</platform>
+          <platform>Microsoft Windows 2003</platform>
+          <platform>Microsoft Windows Vista</platform>
+          <product>Mozilla Seamonkey</product>
+        </affected>
+        <reference source="CVE" ref_id="CVE-2009-0777" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0777"/>
+        <description>Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 decode invisible characters when they are displayed in the location bar, which causes an incorrect address to be displayed and makes it easier for remote attackers to spoof URLs and conduct phishing attacks.</description>
+        <oval_repository>
+          <dates>
+            <submitted date="2009-04-17T15:11:12">
+              <contributor organization="SecPod Technologies">Chandan S</contributor>
+            </submitted>
+            <status_change date="2009-04-21T14:30:36.222-04:00">DRAFT</status_change>
+          </dates>
+          <status>DRAFT</status>
+        </oval_repository>
+      </metadata>
+      <criteria operator="OR">
+        <criteria operator="AND">
+          <criteria operator="OR">
+            <extend_definition comment="Microsoft Windows XP (x86) SP2 is installed" definition_ref="oval:org.mitre.oval:def:754"/>
+            <extend_definition comment="Microsoft Windows XP (x86) SP3 is installed" definition_ref="oval:org.mitre.oval:def:5631"/>
+            <extend_definition comment="Microsoft Windows Vista (32-bit) is installed" definition_ref="oval:org.mitre.oval:def:1282"/>
+            <extend_definition comment="Microsoft Windows Vista (32-bit) Service Pack 1 is installed" definition_ref="oval:org.mitre.oval:def:4873"/>
+            <extend_definition comment="Microsoft Windows Server 2003 SP1 (x86) is installed" definition_ref="oval:org.mitre.oval:def:565"/>
+            <extend_definition comment="Microsoft Windows Server 2003 SP2 (x86) is installed" definition_ref="oval:org.mitre.oval:def:1935"/>
+          </criteria>
+          <criterion comment="Seamonkey version is less than or equal to 1.1.15" test_ref="oval:org.mitre.oval:tst:9759"/>
+        </criteria>
+      </criteria>
+    </definition>
+    <definition id="oval:org.mitre.oval:def:6228" version="1" class="vulnerability">
+      <metadata>
         <title>DNS Server Query Validation Vulnerability</title>
         <affected family="windows">
           <platform>Microsoft Windows 2000</platform>
@@ -23,8 +3254,9 @@
             </submitted>
             <status_change date="2009-03-13T20:23:52.929-04:00">DRAFT</status_change>
             <status_change date="2009-03-30T04:00:24.626-04:00">INTERIM</status_change>
+            <status_change date="2009-04-20T04:00:24.299-04:00">ACCEPTED</status_change>
           </dates>
-          <status>INTERIM</status>
+          <status>ACCEPTED</status>
         </oval_repository>
       </metadata>
       <criteria operator="OR">
@@ -66,7 +3298,7 @@
         </criteria>
       </criteria>
     </definition>
-    <definition id="oval:org.mitre.oval:def:6202" version="0" class="vulnerability">
+    <definition id="oval:org.mitre.oval:def:6202" version="1" class="vulnerability">
       <metadata>
         <title>Windows Kernel Input Validation Vulnerability</title>
         <affected family="windows">
@@ -85,8 +3317,9 @@
             </submitted>
             <status_change date="2009-03-13T20:23:57.255-04:00">DRAFT</status_change>
             <status_change date="2009-03-30T04:00:23.874-04:00">INTERIM</status_change>
+            <status_change date="2009-04-20T04:00:23.210-04:00">ACCEPTED</status_change>
           </dates>
-          <status>INTERIM</status>
+          <status>ACCEPTED</status>
         </oval_repository>
       </metadata>
       <criteria operator="OR">
@@ -160,7 +3393,7 @@
         </criteria>
       </criteria>
     </definition>
-    <definition id="oval:org.mitre.oval:def:6138" version="0" class="vulnerability">
+    <definition id="oval:org.mitre.oval:def:6138" version="1" class="vulnerability">
       <metadata>
         <title>DNS Server Vulnerability in WPAD Registration Vulnerability</title>
         <affected family="windows">
@@ -177,8 +3410,9 @@
             </submitted>
             <status_change date="2009-03-13T20:23:57.765-04:00">DRAFT</status_change>
             <status_change date="2009-03-30T04:00:23.121-04:00">INTERIM</status_change>
+            <status_change date="2009-04-20T04:00:22.528-04:00">ACCEPTED</status_change>
           </dates>
-          <status>INTERIM</status>
+          <status>ACCEPTED</status>
         </oval_repository>
       </metadata>
       <criteria operator="OR">
@@ -220,7 +3454,7 @@
         </criteria>
       </criteria>
     </definition>
-    <definition id="oval:org.mitre.oval:def:6117" version="0" class="vulnerability">
+    <definition id="oval:org.mitre.oval:def:6117" version="1" class="vulnerability">
       <metadata>
         <title>WPAD WINS Server Registration Vulnerability</title>
         <affected family="windows">
@@ -236,8 +3470,9 @@
             </submitted>
             <status_change date="2009-03-13T20:23:58.362-04:00">DRAFT</status_change>
             <status_change date="2009-03-30T04:00:22.645-04:00">INTERIM</status_change>
+            <status_change date="2009-04-20T04:00:21.831-04:00">ACCEPTED</status_change>
           </dates>
-          <status>INTERIM</status>
+          <status>ACCEPTED</status>
         </oval_repository>
       </metadata>
       <criteria operator="OR">
@@ -271,7 +3506,7 @@
         </criteria>
       </criteria>
     </definition>
-    <definition id="oval:org.mitre.oval:def:6036" version="0" class="vulnerability">
+    <definition id="oval:org.mitre.oval:def:6036" version="1" class="vulnerability">
       <metadata>
         <title>Windows Kernel Handle Validation Vulnerability</title>
         <affected family="windows">
@@ -290,8 +3525,9 @@
             </submitted>
             <status_change date="2009-03-13T20:23:58.798-04:00">DRAFT</status_change>
             <status_change date="2009-03-30T04:00:21.956-04:00">INTERIM</status_change>
+            <status_change date="2009-04-20T04:00:20.039-04:00">ACCEPTED</status_change>
           </dates>
-          <status>INTERIM</status>
+          <status>ACCEPTED</status>
         </oval_repository>
       </metadata>
       <criteria operator="OR">
@@ -365,7 +3601,7 @@
         </criteria>
       </criteria>
     </definition>
-    <definition id="oval:org.mitre.oval:def:6011" version="0" class="vulnerability">
+    <definition id="oval:org.mitre.oval:def:6011" version="1" class="vulnerability">
       <metadata>
         <title>SChannel Spoofing Vulnerability</title>
         <affected family="windows">
@@ -384,8 +3620,9 @@
             </submitted>
             <status_change date="2009-03-13T20:24:00.338-04:00">DRAFT</status_change>
             <status_change date="2009-03-30T04:00:20.311-04:00">INTERIM</status_change>
+            <status_change date="2009-04-20T04:00:18.909-04:00">ACCEPTED</status_change>
           </dates>
-          <status>INTERIM</status>
+          <status>ACCEPTED</status>
         </oval_repository>
       </metadata>
       <criteria operator="OR">
@@ -459,7 +3696,7 @@
         </criteria>
       </criteria>
     </definition>
-    <definition id="oval:org.mitre.oval:def:5715" version="0" class="vulnerability">
+    <definition id="oval:org.mitre.oval:def:5715" version="1" class="vulnerability">
       <metadata>
         <title>DNS Server Response Validation Vulnerability</title>
         <affected family="windows">
@@ -476,8 +3713,9 @@
             </submitted>
             <status_change date="2009-03-13T20:24:01.232-04:00">DRAFT</status_change>
             <status_change date="2009-03-30T04:00:19.342-04:00">INTERIM</status_change>
+            <status_change date="2009-04-20T04:00:16.984-04:00">ACCEPTED</status_change>
           </dates>
-          <status>INTERIM</status>
+          <status>ACCEPTED</status>
         </oval_repository>
       </metadata>
       <criteria operator="OR">
@@ -519,7 +3757,7 @@
         </criteria>
       </criteria>
     </definition>
-    <definition id="oval:org.mitre.oval:def:5440" version="0" class="vulnerability">
+    <definition id="oval:org.mitre.oval:def:5440" version="1" class="vulnerability">
       <metadata>
         <title>Windows Kernel Invalid Pointer Vulnerability</title>
         <affected family="windows">
@@ -536,8 +3774,9 @@
             </submitted>
             <status_change date="2009-03-13T20:24:03.481-04:00">DRAFT</status_change>
             <status_change date="2009-03-30T04:00:16.206-04:00">INTERIM</status_change>
+            <status_change date="2009-04-20T04:00:15.190-04:00">ACCEPTED</status_change>
           </dates>
-          <status>INTERIM</status>
+          <status>ACCEPTED</status>
         </oval_repository>
       </metadata>
       <criteria operator="OR">
@@ -566,137 +3805,339 @@
         </criteria>
       </criteria>
     </definition>
-    <definition id="oval:org.mitre.oval:def:6066" version="0" class="vulnerability">
+    <definition id="oval:org.mitre.oval:def:5697" version="1" class="vulnerability">
       <metadata>
-        <title>Apple Safari Malformed URI Remote Denail of Service Vulnerability</title>
+        <title>Buffer overflow in Adobe Reader 9.0 and earlier (APSA09-01)</title>
         <affected family="windows">
+          <platform>Microsoft Windows 2000</platform>
           <platform>Microsoft Windows XP</platform>
           <platform>Microsoft Windows Vista</platform>
-          <product>Apple Safari</product>
+          <platform>Microsoft Windows Server 2003</platform>
+          <platform>Microsoft Windows Server 2008</platform>
+          <product>Adobe Acrobat</product>
+          <product>Adobe Reader</product>
         </affected>
-        <reference source="CVE" ref_id="CVE-2009-0744" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0744"/>
-        <description>Apple Safari 4 Beta build 528.16 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a feeds: URI beginning with a (1) % (percent), (2) { (open curly bracket), (3) } (close curly bracket), (4) ^ (caret), (5) ` (backquote), or (6) | (pipe) character, followed by an &amp; (ampersand) character.</description>
+        <reference source="CVE" ref_id="CVE-2009-0658" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0658"/>
+        <description>Buffer overflow in Adobe Reader 9.0 and earlier, and Acrobat 9.0 and earlier, allows remote attackers to execute arbitrary code via a crafted PDF document, related to a non-JavaScript function call and possibly an embedded JBIG2 image stream, as exploited in the wild in February 2009 by Trojan.Pidief.E.</description>
         <oval_repository>
           <dates>
-            <submitted date="2009-03-17T12:30:50">
-              <contributor organization="SecPod Technologies">Chandan S</contributor>
+            <submitted date="2009-02-27T16:00:00">
+              <contributor organization="Gideon Technologies, Inc.">Dragos Prisaca</contributor>
             </submitted>
-            <status_change date="2009-03-23T10:43:52.586-04:00">DRAFT</status_change>
+            <status_change date="2009-03-02T11:33:21.506-05:00">DRAFT</status_change>
+            <status_change date="2009-03-23T04:00:08.146-04:00">INTERIM</status_change>
+            <status_change date="2009-04-13T04:00:25.852-04:00">ACCEPTED</status_change>
           </dates>
-          <status>DRAFT</status>
+          <status>ACCEPTED</status>
         </oval_repository>
       </metadata>
       <criteria operator="OR">
-        <criteria operator="AND">
-          <criteria operator="OR">
-            <extend_definition comment="Microsoft Windows XP (x86) SP2 is installed" definition_ref="oval:org.mitre.oval:def:754"/>
-            <extend_definition comment="Microsoft Windows XP (x86) SP3 is installed" definition_ref="oval:org.mitre.oval:def:5631"/>
-            <extend_definition comment="Microsoft Windows Vista (32-bit) is installed" definition_ref="oval:org.mitre.oval:def:1282"/>
-            <extend_definition comment="Microsoft Windows Vista (32-bit) Service Pack 1 is installed" definition_ref="oval:org.mitre.oval:def:4873"/>
-          </criteria>
-          <criterion comment="Safari.exe version is less than or equal to 4.528.16.0" test_ref="oval:org.mitre.oval:tst:9789"/>
+        <criteria operator="AND" comment="Adobe Reader 9">
+          <criterion comment="Adobe Reader 9, the VersionMajor is 9" test_ref="oval:org.mitre.oval:tst:9302"/>
+          <criterion comment="Adobe Reader 9, the Version is 150994944 (Hex 9000000)" test_ref="oval:org.mitre.oval:tst:9702"/>
         </criteria>
+        <criteria operator="AND" comment="Adobe Reader 8">
+          <criterion comment="Adobe Reader 8, the VersionMajor is 8" test_ref="oval:org.mitre.oval:tst:9484"/>
+          <criterion comment="Adobe Reader 8, the Version is less than or equal to 134283267 (Hex 8010003)" test_ref="oval:org.mitre.oval:tst:9365"/>
+        </criteria>
+        <criteria operator="AND" comment="Adobe Reader 7">
+          <criterion comment="Adobe Reader 7, the VersionMajor is 7" test_ref="oval:org.mitre.oval:tst:9357"/>
+          <criterion comment="Adobe Reader 7, the Version is less than or equal to 117506048 (Hex 7010000)" test_ref="oval:org.mitre.oval:tst:9381"/>
+        </criteria>
+        <criteria operator="AND" comment="Adobe Acrobat 9">
+          <criterion comment="Adobe Acrobat 9, the VersionMajor is 9" test_ref="oval:org.mitre.oval:tst:9701"/>
+          <criterion comment="Adobe Acrobat 9, the Version is 150994944 (Hex 9000000)" test_ref="oval:org.mitre.oval:tst:9006"/>
+        </criteria>
+        <criteria operator="AND" comment="Adobe Acrobat 8">
+          <criterion comment="Adobe Acrobat 8, the VersionMajor is 8" test_ref="oval:org.mitre.oval:tst:9312"/>
+          <criterion comment="Adobe Acrobat 8, the Version is less than or equal to 134283267 (Hex 8010003)" test_ref="oval:org.mitre.oval:tst:9616"/>
+        </criteria>
+        <criteria operator="AND" comment="Adobe Acrobat 7">
+          <criterion comment="Adobe Acrobat 7, the VersionMajor is 7" test_ref="oval:org.mitre.oval:tst:9552"/>
+          <criterion comment="Adobe Acrobat 7, the Version is less than or equal to 117506048 (Hex 7010000)" test_ref="oval:org.mitre.oval:tst:9127"/>
+        </criteria>
       </criteria>
     </definition>
-    <definition id="oval:org.mitre.oval:def:5336" version="0" class="vulnerability">
+    <definition id="oval:org.mitre.oval:def:6159" version="1" class="vulnerability">
       <metadata>
-        <title>Apple iTunes Information Disclosure Vulnerability</title>
+        <title>Literal Processing Vulnerability</title>
         <affected family="windows">
+          <platform>Microsoft Windows 2000</platform>
           <platform>Microsoft Windows XP</platform>
           <platform>Microsoft Windows Vista</platform>
-          <product>Apple iTunes</product>
+          <platform>Microsoft Windows Server 2003</platform>
+          <platform>Microsoft Windows Server 2008</platform>
+          <product>Microsoft Exchange 2000 Server</product>
+          <product>Microsoft Exchange Server 2003</product>
+          <product>Microsoft Exchange Server MAPI Client and Collaboration Data Objects 1.2.1</product>
         </affected>
-        <reference source="CVE" ref_id="CVE-2009-0143" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0143"/>
-        <description>Apple iTunes before 8.1 does not properly inform the user about the origin of an authentication request, which makes it easier for remote podcast servers to trick a user into providing a username and password when subscribing to a crafted podcast.</description>
+        <reference source="CVE" ref_id="CVE-2009-0099" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0099"/>
+        <description>The Electronic Messaging System Microsoft Data Base (EMSMDB32) provider in Microsoft Exchange 2000 Server SP3 and Exchange Server 2003 SP2, as used in Exchange System Attendant, allows remote attackers to cause a denial of service (application outage) via a malformed MAPI command, aka "Literal Processing Vulnerability."</description>
         <oval_repository>
           <dates>
-            <submitted date="2009-03-17T10:31:31">
-              <contributor organization="SecPod Technologies">Chandan S</contributor>
+            <submitted date="2009-02-10T16:00:00">
+              <contributor organization="Gideon Technologies, Inc.">Dragos Prisaca</contributor>
             </submitted>
-            <status_change date="2009-03-23T10:43:56.417-04:00">DRAFT</status_change>
+            <status_change date="2009-02-13T17:01:40.050-05:00">DRAFT</status_change>
+            <modified comment="The bulletin MS09-003 and added a new affected software: Microsoft Exchange Server MAPI Client and Collaboration Data Objects 1.2.1." date="2009-02-24T10:48:00.140-05:00">
+              <contributor organization="Gideon Technologies, Inc.">Dragos Prisaca</contributor>
+            </modified>
+            <status_change date="2009-03-16T04:00:20.142-04:00">INTERIM</status_change>
+            <status_change date="2009-04-06T04:00:19.975-04:00">ACCEPTED</status_change>
           </dates>
-          <status>DRAFT</status>
+          <status>ACCEPTED</status>
         </oval_repository>
       </metadata>
       <criteria operator="OR">
+        <criteria operator="AND" comment="Microsoft Exchange 2000 Server Service Pack 3">
+          <extend_definition comment="Microsoft Exchange Server 2000 Service Pack 3 is installed" definition_ref="oval:org.mitre.oval:def:1858"/>
+          <criterion comment="The version of cdo.dll is less than 6.0.6620.9" test_ref="oval:org.mitre.oval:tst:9710"/>
+        </criteria>
         <criteria operator="AND">
+          <extend_definition comment="Microsoft Exchange Server 2003 Service Pack 2 is installed" definition_ref="oval:org.mitre.oval:def:1869"/>
+          <criterion comment="The version of cdoex.dll is less than 6.5.7654.12" test_ref="oval:org.mitre.oval:tst:9502"/>
+        </criteria>
+        <criteria operator="AND" comment="Microsoft Exchange Server MAPI Client and Collaboration Data Objects 1.2.1 on 32-bit OS">
+          <criterion comment="32-Bit version of Windows is installed" test_ref="oval:org.mitre.oval:tst:2748"/>
+          <criterion comment="The version of exmapi32.dll is less than 6.05.8069.0000 (32-Bit version of Windows)" test_ref="oval:org.mitre.oval:tst:9670"/>
+        </criteria>
+        <criteria operator="AND" comment="Microsoft Exchange Server MAPI Client and Collaboration Data Objects 1.2.1 on 64-bit OS">
           <criteria operator="OR">
-            <extend_definition comment="Microsoft Windows XP (x86) SP2 is installed" definition_ref="oval:org.mitre.oval:def:754"/>
-            <extend_definition comment="Microsoft Windows XP (x86) SP3 is installed" definition_ref="oval:org.mitre.oval:def:5631"/>
-            <extend_definition comment="Microsoft Windows Vista (32-bit) is installed" definition_ref="oval:org.mitre.oval:def:1282"/>
-            <extend_definition comment="Microsoft Windows Vista (32-bit) Service Pack 1 is installed" definition_ref="oval:org.mitre.oval:def:4873"/>
+            <criterion comment="64-Bit (x64 architecture) version of Windows is installed" test_ref="oval:org.mitre.oval:tst:2744"/>
+            <criterion comment="a version of Windows for the x64 architecture is installed" test_ref="oval:org.mitre.oval:tst:3653"/>
           </criteria>
-          <criterion comment="iTunes.exe version is less than 8.1.0.51" test_ref="oval:org.mitre.oval:tst:9153"/>
+          <criterion comment="The version of exmapi32.dll is less than 6.05.8069.0000 (64-Bit version of Windows)" test_ref="oval:org.mitre.oval:tst:9639"/>
         </criteria>
       </criteria>
     </definition>
-    <definition id="oval:org.mitre.oval:def:5868" version="0" class="vulnerability">
+    <definition id="oval:org.mitre.oval:def:6114" version="1" class="vulnerability">
       <metadata>
-        <title>Microsoft Malformed BMP Filter Vulnerability</title>
+        <title>Memory Corruption Vulnerability</title>
         <affected family="windows">
           <platform>Microsoft Windows 2000</platform>
           <platform>Microsoft Windows XP</platform>
+          <platform>Microsoft Windows Vista</platform>
           <platform>Microsoft Windows Server 2003</platform>
-          <product>Microsoft Office 2000</product>
-          <product>Microsoft Office XP</product>
-          <product>Microsoft Office Project 2002</product>
-          <product>Microsoft Office Converter Pack</product>
-          <product>Microsoft Works</product>
+          <platform>Microsoft Windows Server 2008</platform>
+          <product>Microsoft Exchange 2000 Server</product>
+          <product>Microsoft Exchange Server 2003</product>
+          <product>Microsoft Exchange Server 2007</product>
+          <product>Microsoft Exchange Server MAPI Client and Collaboration Data Objects 1.2.1</product>
         </affected>
-        <reference source="CVE" ref_id="CVE-2008-3020" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3020"/>
-        <description>Microsoft Office 2000 SP3 and XP SP3; Office Converter Pack; and Works 8 do not properly parse the length of a BMP file, which allows remote attackers to execute arbitrary code via a crafted BMP file, aka the "Malformed BMP Filter Vulnerability."</description>
+        <reference source="CVE" ref_id="CVE-2009-0098" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0098"/>
+        <description>Microsoft Exchange 2000 Server SP3, Exchange Server 2003 SP2, and Exchange Server 2007 SP1 do not properly interpret Transport Neutral Encapsulation (TNEF) properties, which allows remote attackers to execute arbitrary code via a crafted TNEF message, aka "Memory Corruption Vulnerability."</description>
         <oval_repository>
           <dates>
-            <submitted date="2009-03-16T15:00:00">
+            <submitted date="2009-02-10T16:00:00">
               <contributor organization="Gideon Technologies, Inc.">Dragos Prisaca</contributor>
             </submitted>
-            <status_change date="2009-03-23T10:43:56.089-04:00">DRAFT</status_change>
+            <status_change date="2009-02-13T17:01:41.604-05:00">DRAFT</status_change>
+            <modified comment="The bulletin MS09-003 and added a new affected software: Microsoft Exchange Server MAPI Client and Collaboration Data Objects 1.2.1." date="2009-02-24T10:48:00.496-05:00">
+              <contributor organization="Gideon Technologies, Inc.">Dragos Prisaca</contributor>
+            </modified>
+            <status_change date="2009-03-16T04:00:19.092-04:00">INTERIM</status_change>
+            <status_change date="2009-04-06T04:00:19.093-04:00">ACCEPTED</status_change>
           </dates>
-          <status>DRAFT</status>
+          <status>ACCEPTED</status>
         </oval_repository>
       </metadata>
+      <criteria operator="OR">
+        <criteria operator="AND" comment="Microsoft Exchange 2000 Server Service Pack 3">
+          <extend_definition comment="Microsoft Exchange Server 2000 Service Pack 3 is installed" definition_ref="oval:org.mitre.oval:def:1858"/>
+          <criterion comment="The version of cdo.dll is less than 6.0.6620.9" test_ref="oval:org.mitre.oval:tst:9710"/>
+        </criteria>
+        <criteria operator="AND">
+          <extend_definition comment="Microsoft Exchange Server 2003 Service Pack 2 is installed" definition_ref="oval:org.mitre.oval:def:1869"/>
+          <criterion comment="The version of cdoex.dll is less than 6.5.7654.12" test_ref="oval:org.mitre.oval:tst:9502"/>
+        </criteria>
+        <criteria operator="AND">
+          <extend_definition comment="Microsoft Exchange Server 2007 SP1 is installed" definition_ref="oval:org.mitre.oval:def:5577"/>
+          <criterion comment="The version of cdoex.dll is less than 8.01.0338.0000" test_ref="oval:org.mitre.oval:tst:9368"/>
+        </criteria>
+        <criteria operator="AND" comment="Microsoft Exchange Server MAPI Client and Collaboration Data Objects 1.2.1 on 32-bit OS">
+          <criterion comment="32-Bit version of Windows is installed" test_ref="oval:org.mitre.oval:tst:2748"/>
+          <criterion comment="The version of exmapi32.dll is less than 6.05.8069.0000 (32-Bit version of Windows)" test_ref="oval:org.mitre.oval:tst:9670"/>
+        </criteria>
+        <criteria operator="AND" comment="Microsoft Exchange Server MAPI Client and Collaboration Data Objects 1.2.1 on 64-bit OS">
+          <criteria operator="OR">
+            <criterion comment="64-Bit (x64 architecture) version of Windows is installed" test_ref="oval:org.mitre.oval:tst:2744"/>
+            <criterion comment="a version of Windows for the x64 architecture is installed" test_ref="oval:org.mitre.oval:tst:3653"/>
+          </criteria>
+          <criterion comment="The version of exmapi32.dll is less than 6.05.8069.0000 (64-Bit version of Windows)" test_ref="oval:org.mitre.oval:tst:9639"/>
+        </criteria>
+      </criteria>
+    </definition>
+    <definition id="oval:org.mitre.oval:def:644" version="2" class="vulnerability">
+      <metadata>
+        <title>License Logging Service Vulnerability (Terminal Server)</title>
+        <affected family="windows">
+          <platform>Microsoft Windows NT</platform>
+          <product>MDAC 2.8</product>
+        </affected>
+        <reference source="CVE" ref_id="CVE-2005-0050" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0050"/>
+        <description>The License Logging service for Windows NT Server, Windows 2000 Server, and Windows Server 2003 does not properly validate the length of messages, which leads to an "unchecked buffer" and allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, aka the "License Logging Service Vulnerability."</description>
+        <oval_repository>
+          <dates>
+            <submitted date="2005-03-29T12:00:00.000-04:00">
+              <contributor organization="The MITRE Corporation">Ingrid Skoog</contributor>
+            </submitted>
+            <status_change date="2005-03-29T08:38:00.000-04:00">DRAFT</status_change>
+            <status_change date="2005-04-13T12:15:00.000-04:00">INTERIM</status_change>
+            <status_change date="2005-05-04T12:33:00.000-04:00">ACCEPTED</status_change>
+            <modified comment="Removed reference to test for nt 4.0 and add reference to nt 4.0 inventory definition." date="2008-02-28T12:48:00.621-04:00">
+              <contributor organization="The MITRE Corporation">Jonathan Baker</contributor>
+            </modified>
+            <modified comment="Removed reference to test for nt 4.0 and add reference to nt 4.0 inventory definition." date="2008-02-28T12:48:00.621-04:00">
+              <contributor organization="The MITRE Corporation">Jonathan Baker</contributor>
+            </modified>
+            <status_change date="2008-03-03T04:00:55.342-05:00">INTERIM</status_change>
+            <status_change date="2008-03-24T04:00:49.689-04:00">ACCEPTED</status_change>
+          </dates>
+          <status>ACCEPTED</status>
+        </oval_repository>
+      </metadata>
       <criteria operator="AND">
-        <criteria operator="OR">
-          <extend_definition comment="Microsoft Office 2000 is installed" definition_ref="oval:org.mitre.oval:def:93"/>
-          <extend_definition comment="Microsoft Office 2002 is installed" definition_ref="oval:org.mitre.oval:def:663"/>
-          <extend_definition comment="Microsoft Project 2002 SP1 is installed" definition_ref="oval:org.mitre.oval:def:707"/>
-          <criterion comment="Office File Converter Pack is Installed" test_ref="oval:org.mitre.oval:tst:8935"/>
+        <criteria operator="AND" comment="Software section">
+          <criteria operator="AND" comment="Windows NT Server 4.0, Terminal Server Edition is installed">
+            <extend_definition comment="Microsoft Windows NT is installed" definition_ref="oval:org.mitre.oval:def:36"/>
+            <criterion comment="this is an NT Terminal Server" test_ref="oval:org.mitre.oval:tst:3097"/>
+          </criteria>
+          <criterion negate="true" comment="the patch kb885834 is installed (Hotfix key)" test_ref="oval:org.mitre.oval:tst:2477"/>
+          <criterion comment="the version of Llssrv.exe is less than 4.0.1381.33632" test_ref="oval:org.mitre.oval:tst:2476"/>
         </criteria>
-        <criterion comment="Gifimp32.flt version is less than 2003.1100.8165.0" test_ref="oval:org.mitre.oval:tst:8744"/>
+        <criteria operator="AND" comment="Configuration section">
+          <criterion comment="license logging service is enabled" test_ref="oval:org.mitre.oval:tst:2475"/>
+        </criteria>
       </criteria>
     </definition>
-    <definition id="oval:org.mitre.oval:def:6001" version="0" class="vulnerability">
+    <definition id="oval:org.mitre.oval:def:4786" version="3" class="vulnerability">
       <metadata>
-        <title>Apple iTunes Denial of Service Vulnerability</title>
+        <title>License Logging Service Vulnerability (Windows NT)</title>
         <affected family="windows">
-          <platform>Microsoft Windows XP</platform>
-          <platform>Microsoft Windows Vista</platform>
-          <product>Apple iTunes</product>
+          <platform>Microsoft Windows NT</platform>
+          <product>MDAC 2.8</product>
         </affected>
-        <reference source="CVE" ref_id="CVE-2009-0016" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0016"/>
-        <description>Apple iTunes before 8.1 on Windows allows remote attackers to cause a denial of service (infinite loop) via a Digital Audio Access Protocol (DAAP) message with a crafted Content-Length header.</description>
+        <reference source="CVE" ref_id="CVE-2005-0050" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0050"/>
+        <description>The License Logging service for Windows NT Server, Windows 2000 Server, and Windows Server 2003 does not properly validate the length of messages, which leads to an "unchecked buffer" and allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, aka the "License Logging Service Vulnerability."</description>
         <oval_repository>
           <dates>
-            <submitted date="2009-03-17T10:31:31">
-              <contributor organization="SecPod Technologies">Chandan S</contributor>
+            <submitted date="2005-03-29T12:00:00.000-04:00">
+              <contributor organization="The MITRE Corporation">Ingrid Skoog</contributor>
             </submitted>
-            <status_change date="2009-03-23T10:43:53.220-04:00">DRAFT</status_change>
+            <status_change date="2005-03-29T08:38:00.000-04:00">DRAFT</status_change>
+            <status_change date="2005-04-13T12:15:00.000-04:00">INTERIM</status_change>
+            <status_change date="2005-05-04T12:33:00.000-04:00">ACCEPTED</status_change>
+            <modified date="2006-10-31T04:13:00.000-04:00" comment="Replaced reference to obj:1374 with reference to obj:1550 since it references Product\Options and not ProductOptions in the controlset registry key.  Modified by Harvey Rubinovitz">
+              <contributor organization="Centennial Software">John Hoyland</contributor>
+            </modified>
+            <status_change date="2006-11-21T04:13:00.000-04:00">INTERIM</status_change>
+            <status_change date="2007-01-03T13:53:58.184-05:00">ACCEPTED</status_change>
+            <modified comment="Removed reference to test for nt 4.0 and add reference to nt 4.0 inventory definition." date="2008-02-28T12:48:00.621-04:00">
+              <contributor organization="The MITRE Corporation">Jonathan Baker</contributor>
+            </modified>
+            <status_change date="2008-03-03T04:00:51.934-05:00">INTERIM</status_change>
+            <status_change date="2008-03-24T04:00:37.179-04:00">ACCEPTED</status_change>
           </dates>
-          <status>DRAFT</status>
+          <status>ACCEPTED</status>
         </oval_repository>
       </metadata>
-      <criteria operator="OR">
-        <criteria operator="AND">
-          <criteria operator="OR">
-            <extend_definition comment="Microsoft Windows XP (x86) SP2 is installed" definition_ref="oval:org.mitre.oval:def:754"/>
-            <extend_definition comment="Microsoft Windows XP (x86) SP3 is installed" definition_ref="oval:org.mitre.oval:def:5631"/>
-            <extend_definition comment="Microsoft Windows Vista (32-bit) is installed" definition_ref="oval:org.mitre.oval:def:1282"/>
-            <extend_definition comment="Microsoft Windows Vista (32-bit) Service Pack 1 is installed" definition_ref="oval:org.mitre.oval:def:4873"/>
+      <criteria operator="AND">
+        <criteria operator="AND" comment="Software section">
+          <criteria operator="AND" comment="Windows NT Server 4.0 is installed">
+            <extend_definition comment="Microsoft Windows NT is installed" definition_ref="oval:org.mitre.oval:def:36"/>
+            <criteria operator="OR" comment="Windows NT server product option">
+              <criterion comment="this is an NT Server (stand-alone)" test_ref="oval:org.mitre.oval:tst:2408"/>
+              <criterion comment="this is an NT Server (domain controller)" test_ref="oval:org.mitre.oval:tst:3035"/>
+            </criteria>
           </criteria>
-          <criterion comment="iTunes.exe version is less than 8.1.0.51" test_ref="oval:org.mitre.oval:tst:9153"/>
+          <criterion negate="true" comment="the patch kb885834 is installed (Hotfix key)" test_ref="oval:org.mitre.oval:tst:2477"/>
+          <criterion comment="the version of Llssrv.exe is less than 4.0.1381.7345" test_ref="oval:org.mitre.oval:tst:302"/>
         </criteria>
+        <criteria operator="AND" comment="Configuration section">
+          <criterion comment="license logging service is enabled" test_ref="oval:org.mitre.oval:tst:2475"/>
+        </criteria>
       </criteria>
     </definition>
+    <definition id="oval:org.mitre.oval:def:3582" version="2" class="vulnerability">
+      <metadata>
+        <title>License Logging Service Vulnerability (Server 2003)</title>
+        <affected family="windows">
+          <platform>Microsoft Windows Server 2003</platform>
+          <product>MDAC 2.8</product>
+        </affected>
+        <reference source="CVE" ref_id="CVE-2005-0050" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0050"/>
+        <description>The License Logging service for Windows NT Server, Windows 2000 Server, and Windows Server 2003 does not properly validate the length of messages, which leads to an "unchecked buffer" and allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, aka the "License Logging Service Vulnerability."</description>
+        <oval_repository>
+          <dates>
+            <submitted date="2005-03-29T12:00:00.000-04:00">
+              <contributor organization="The MITRE Corporation">Ingrid Skoog</contributor>
+            </submitted>
+            <status_change date="2005-03-29T11:25:00.000-04:00">DRAFT</status_change>
+            <status_change date="2005-04-13T12:00:00.000-04:00">INTERIM</status_change>
+            <status_change date="2005-05-04T12:00:00.000-04:00">ACCEPTED</status_change>
+            <modified date="2005-06-02T12:00:00.000-04:00" comment="Corrected Windows Server 2003 test logic">
+              <contributor organization="The MITRE Corporation">Ingrid Skoog</contributor>
+            </modified>
+            <status_change date="2005-06-08T03:17:00.000-04:00">INTERIM</status_change>
+            <status_change date="2005-06-29T06:49:00.000-04:00">ACCEPTED</status_change>
+          </dates>
+          <status>ACCEPTED</status>
+        </oval_repository>
+      </metadata>
+      <criteria operator="AND">
+        <criteria comment="Software section" operator="AND">
+          <criterion comment="Windows Server 2003 is installed" negate="false" test_ref="oval:org.mitre.oval:tst:2761"/>
+          <criterion comment="the patch kb885834 is installed (Hotfix key)" negate="true" test_ref="oval:org.mitre.oval:tst:2477"/>
+          <criterion comment="the version of Llssrv.exe is less than 5.2.3790.242" negate="false" test_ref="oval:org.mitre.oval:tst:401"/>
+        </criteria>
+        <criteria comment="Configuration section" operator="AND">
+          <criterion comment="license logging service is enabled" negate="false" test_ref="oval:org.mitre.oval:tst:2475"/>
+        </criteria>
+      </criteria>
+    </definition>
+    <definition id="oval:org.mitre.oval:def:2568" version="2" class="vulnerability">
+      <metadata>
+        <title>License Logging Service Vulnerability (Windows 2000)</title>
+        <affected family="windows">
+          <platform>Microsoft Windows 2000</platform>
+          <product>MDAC 2.8</product>
+        </affected>
+        <reference source="CVE" ref_id="CVE-2005-0050" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0050"/>
+        <description>The License Logging service for Windows NT Server, Windows 2000 Server, and Windows Server 2003 does not properly validate the length of messages, which leads to an "unchecked buffer" and allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, aka the "License Logging Service Vulnerability."</description>
+        <oval_repository>
+          <dates>
+            <submitted date="2005-03-29T12:00:00.000-04:00">
+              <contributor organization="The MITRE Corporation">Ingrid Skoog</contributor>
+            </submitted>
+            <status_change date="2005-03-29T08:38:00.000-04:00">DRAFT</status_change>
+            <status_change date="2005-04-13T12:15:00.000-04:00">INTERIM</status_change>
+            <status_change date="2005-05-04T12:33:00.000-04:00">ACCEPTED</status_change>
+            <modified date="2006-10-31T04:13:00.000-04:00" comment="Replaced reference to obj:1374 with reference to obj:1550 since it references Product\Options and not ProductOptions in the controlset registry key.  Modified by Harvey Rubinovitz">
+              <contributor organization="Centennial Software">John Hoyland</contributor>
+            </modified>
+            <status_change date="2006-11-21T04:13:00.000-04:00">INTERIM</status_change>
+            <status_change date="2007-01-03T13:53:52.285-05:00">ACCEPTED</status_change>
+          </dates>
+          <status>ACCEPTED</status>
+        </oval_repository>
+      </metadata>
+      <criteria operator="AND">
+        <criteria comment="Software section" operator="AND">
+          <criteria operator="AND" comment="Windows 2000 Server is installed">
+            <criterion comment="Windows 2000 is installed" negate="false" test_ref="oval:org.mitre.oval:tst:3085"/>
+            <criteria operator="OR" comment="Windows NT server product option">
+              <criterion comment="this is an NT Server (stand-alone)" negate="false" test_ref="oval:org.mitre.oval:tst:2408"/>
+              <criterion comment="this is an NT Server (domain controller)" negate="false" test_ref="oval:org.mitre.oval:tst:3035"/>
+            </criteria>
+          </criteria>
+          <criterion comment="the patch kb885834 is installed (Hotfix key)" negate="true" test_ref="oval:org.mitre.oval:tst:2477"/>
+          <criterion comment="the version of Llssrv.exe is less than 5.0.2195.7021" negate="false" test_ref="oval:org.mitre.oval:tst:513"/>
+        </criteria>
+        <criteria comment="Configuration section" operator="AND">
+          <criterion comment="license logging service is enabled" negate="false" test_ref="oval:org.mitre.oval:tst:2475"/>
+        </criteria>
+      </criteria>
+    </definition>
     <definition id="oval:org.mitre.oval:def:6217" version="1" class="vulnerability">
       <metadata>
         <title>SQL Server sp_replwritetovarbin Limited Memory Overwrite Vulnerability</title>
@@ -1283,165 +4724,6 @@
         </criteria>
       </criteria>
     </definition>
-    <definition id="oval:org.mitre.oval:def:5697" version="0" class="vulnerability">
-      <metadata>
-        <title>Buffer overflow in Adobe Reader 9.0 and earlier (APSA09-01)</title>
-        <affected family="windows">
-          <platform>Microsoft Windows 2000</platform>
-          <platform>Microsoft Windows XP</platform>
-          <platform>Microsoft Windows Vista</platform>
-          <platform>Microsoft Windows Server 2003</platform>
-          <platform>Microsoft Windows Server 2008</platform>
-          <product>Adobe Acrobat</product>
-          <product>Adobe Reader</product>
-        </affected>
-        <reference source="CVE" ref_id="CVE-2009-0658" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0658"/>
-        <description>Buffer overflow in Adobe Reader 9.0 and earlier, and Acrobat 9.0 and earlier, allows remote attackers to execute arbitrary code via a crafted PDF document, related to a non-JavaScript function call and possibly an embedded JBIG2 image stream, as exploited in the wild in February 2009 by Trojan.Pidief.E.</description>
-        <oval_repository>
-          <dates>
-            <submitted date="2009-02-27T16:00:00">
-              <contributor organization="Gideon Technologies, Inc.">Dragos Prisaca</contributor>
-            </submitted>
-            <status_change date="2009-03-02T11:33:21.506-05:00">DRAFT</status_change>
-            <status_change date="2009-03-23T04:00:08.146-04:00">INTERIM</status_change>
-          </dates>
-          <status>INTERIM</status>
-        </oval_repository>
-      </metadata>
-      <criteria operator="OR">
-        <criteria operator="AND" comment="Adobe Reader 9">
-          <criterion comment="Adobe Reader 9, the VersionMajor is 9" test_ref="oval:org.mitre.oval:tst:9302"/>
-          <criterion comment="Adobe Reader 9, the Version is 150994944 (Hex 9000000)" test_ref="oval:org.mitre.oval:tst:9702"/>
-        </criteria>
-        <criteria operator="AND" comment="Adobe Reader 8">
-          <criterion comment="Adobe Reader 8, the VersionMajor is 8" test_ref="oval:org.mitre.oval:tst:9484"/>
-          <criterion comment="Adobe Reader 8, the Version is less than or equal to 134283267 (Hex 8010003)" test_ref="oval:org.mitre.oval:tst:9365"/>
-        </criteria>
-        <criteria operator="AND" comment="Adobe Reader 7">
-          <criterion comment="Adobe Reader 7, the VersionMajor is 7" test_ref="oval:org.mitre.oval:tst:9357"/>
-          <criterion comment="Adobe Reader 7, the Version is less than or equal to 117506048 (Hex 7010000)" test_ref="oval:org.mitre.oval:tst:9381"/>
-        </criteria>
-        <criteria operator="AND" comment="Adobe Acrobat 9">
-          <criterion comment="Adobe Acrobat 9, the VersionMajor is 9" test_ref="oval:org.mitre.oval:tst:9701"/>
-          <criterion comment="Adobe Acrobat 9, the Version is 150994944 (Hex 9000000)" test_ref="oval:org.mitre.oval:tst:9006"/>
-        </criteria>
-        <criteria operator="AND" comment="Adobe Acrobat 8">
-          <criterion comment="Adobe Acrobat 8, the VersionMajor is 8" test_ref="oval:org.mitre.oval:tst:9312"/>
-          <criterion comment="Adobe Acrobat 8, the Version is less than or equal to 134283267 (Hex 8010003)" test_ref="oval:org.mitre.oval:tst:9616"/>
-        </criteria>
-        <criteria operator="AND" comment="Adobe Acrobat 7">
-          <criterion comment="Adobe Acrobat 7, the VersionMajor is 7" test_ref="oval:org.mitre.oval:tst:9552"/>
-          <criterion comment="Adobe Acrobat 7, the Version is less than or equal to 117506048 (Hex 7010000)" test_ref="oval:org.mitre.oval:tst:9127"/>
-        </criteria>
-      </criteria>
-    </definition>
-    <definition id="oval:org.mitre.oval:def:6159" version="0" class="vulnerability">
-      <metadata>
-        <title>Literal Processing Vulnerability</title>
-        <affected family="windows">
-          <platform>Microsoft Windows 2000</platform>
-          <platform>Microsoft Windows XP</platform>
-          <platform>Microsoft Windows Vista</platform>
-          <platform>Microsoft Windows Server 2003</platform>
-          <platform>Microsoft Windows Server 2008</platform>
-          <product>Microsoft Exchange 2000 Server</product>
-          <product>Microsoft Exchange Server 2003</product>
-          <product>Microsoft Exchange Server MAPI Client and Collaboration Data Objects 1.2.1</product>
-        </affected>
-        <reference source="CVE" ref_id="CVE-2009-0099" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0099"/>
-        <description>The Electronic Messaging System Microsoft Data Base (EMSMDB32) provider in Microsoft Exchange 2000 Server SP3 and Exchange Server 2003 SP2, as used in Exchange System Attendant, allows remote attackers to cause a denial of service (application outage) via a malformed MAPI command, aka "Literal Processing Vulnerability."</description>
-        <oval_repository>
-          <dates>
-            <submitted date="2009-02-10T16:00:00">
-              <contributor organization="Gideon Technologies, Inc.">Dragos Prisaca</contributor>
-            </submitted>
-            <status_change date="2009-02-13T17:01:40.050-05:00">DRAFT</status_change>
-            <modified comment="The bulletin MS09-003 and added a new affected software: Microsoft Exchange Server MAPI Client and Collaboration Data Objects 1.2.1." date="2009-02-24T10:48:00.140-05:00">
-              <contributor organization="Gideon Technologies, Inc.">Dragos Prisaca</contributor>
-            </modified>
-            <status_change date="2009-03-16T04:00:20.142-04:00">INTERIM</status_change>
-          </dates>
-          <status>INTERIM</status>
-        </oval_repository>
-      </metadata>
-      <criteria operator="OR">
-        <criteria operator="AND" comment="Microsoft Exchange 2000 Server Service Pack 3">
-          <extend_definition comment="Microsoft Exchange Server 2000 Service Pack 3 is installed" definition_ref="oval:org.mitre.oval:def:1858"/>
-          <criterion comment="The version of cdo.dll is less than 6.0.6620.9" test_ref="oval:org.mitre.oval:tst:9710"/>
-        </criteria>
-        <criteria operator="AND">
-          <extend_definition comment="Microsoft Exchange Server 2003 Service Pack 2 is installed" definition_ref="oval:org.mitre.oval:def:1869"/>
-          <criterion comment="The version of cdoex.dll is less than 6.5.7654.12" test_ref="oval:org.mitre.oval:tst:9502"/>
-        </criteria>
-        <criteria operator="AND" comment="Microsoft Exchange Server MAPI Client and Collaboration Data Objects 1.2.1 on 32-bit OS">
-          <criterion comment="32-Bit version of Windows is installed" test_ref="oval:org.mitre.oval:tst:2748"/>
-          <criterion comment="The version of exmapi32.dll is less than 6.05.8069.0000 (32-Bit version of Windows)" test_ref="oval:org.mitre.oval:tst:9670"/>
-        </criteria>
-        <criteria operator="AND" comment="Microsoft Exchange Server MAPI Client and Collaboration Data Objects 1.2.1 on 64-bit OS">
-          <criteria operator="OR">
-            <criterion comment="64-Bit (x64 architecture) version of Windows is installed" test_ref="oval:org.mitre.oval:tst:2744"/>
-            <criterion comment="a version of Windows for the x64 architecture is installed" test_ref="oval:org.mitre.oval:tst:3653"/>
-          </criteria>
-          <criterion comment="The version of exmapi32.dll is less than 6.05.8069.0000 (64-Bit version of Windows)" test_ref="oval:org.mitre.oval:tst:9639"/>
-        </criteria>
-      </criteria>
-    </definition>
-    <definition id="oval:org.mitre.oval:def:6114" version="0" class="vulnerability">
-      <metadata>
-        <title>Memory Corruption Vulnerability</title>
-        <affected family="windows">
-          <platform>Microsoft Windows 2000</platform>
-          <platform>Microsoft Windows XP</platform>
-          <platform>Microsoft Windows Vista</platform>
-          <platform>Microsoft Windows Server 2003</platform>
-          <platform>Microsoft Windows Server 2008</platform>
-          <product>Microsoft Exchange 2000 Server</product>
-          <product>Microsoft Exchange Server 2003</product>
-          <product>Microsoft Exchange Server 2007</product>
-          <product>Microsoft Exchange Server MAPI Client and Collaboration Data Objects 1.2.1</product>
-        </affected>
-        <reference source="CVE" ref_id="CVE-2009-0098" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0098"/>
-        <description>Microsoft Exchange 2000 Server SP3, Exchange Server 2003 SP2, and Exchange Server 2007 SP1 do not properly interpret Transport Neutral Encapsulation (TNEF) properties, which allows remote attackers to execute arbitrary code via a crafted TNEF message, aka "Memory Corruption Vulnerability."</description>
-        <oval_repository>
-          <dates>
-            <submitted date="2009-02-10T16:00:00">
-              <contributor organization="Gideon Technologies, Inc.">Dragos Prisaca</contributor>
-            </submitted>
-            <status_change date="2009-02-13T17:01:41.604-05:00">DRAFT</status_change>
-            <modified comment="The bulletin MS09-003 and added a new affected software: Microsoft Exchange Server MAPI Client and Collaboration Data Objects 1.2.1." date="2009-02-24T10:48:00.496-05:00">
-              <contributor organization="Gideon Technologies, Inc.">Dragos Prisaca</contributor>
-            </modified>
-            <status_change date="2009-03-16T04:00:19.092-04:00">INTERIM</status_change>
-          </dates>
-          <status>INTERIM</status>
-        </oval_repository>
-      </metadata>
-      <criteria operator="OR">
-        <criteria operator="AND" comment="Microsoft Exchange 2000 Server Service Pack 3">
-          <extend_definition comment="Microsoft Exchange Server 2000 Service Pack 3 is installed" definition_ref="oval:org.mitre.oval:def:1858"/>
-          <criterion comment="The version of cdo.dll is less than 6.0.6620.9" test_ref="oval:org.mitre.oval:tst:9710"/>
-        </criteria>
-        <criteria operator="AND">
-          <extend_definition comment="Microsoft Exchange Server 2003 Service Pack 2 is installed" definition_ref="oval:org.mitre.oval:def:1869"/>
-          <criterion comment="The version of cdoex.dll is less than 6.5.7654.12" test_ref="oval:org.mitre.oval:tst:9502"/>
-        </criteria>
-        <criteria operator="AND">
-          <extend_definition comment="Microsoft Exchange Server 2007 SP1 is installed" definition_ref="oval:org.mitre.oval:def:5577"/>
-          <criterion comment="The version of cdoex.dll is less than 8.01.0338.0000" test_ref="oval:org.mitre.oval:tst:9368"/>
-        </criteria>
-        <criteria operator="AND" comment="Microsoft Exchange Server MAPI Client and Collaboration Data Objects 1.2.1 on 32-bit OS">
-          <criterion comment="32-Bit version of Windows is installed" test_ref="oval:org.mitre.oval:tst:2748"/>
-          <criterion comment="The version of exmapi32.dll is less than 6.05.8069.0000 (32-Bit version of Windows)" test_ref="oval:org.mitre.oval:tst:9670"/>
-        </criteria>
-        <criteria operator="AND" comment="Microsoft Exchange Server MAPI Client and Collaboration Data Objects 1.2.1 on 64-bit OS">
-          <criteria operator="OR">
-            <criterion comment="64-Bit (x64 architecture) version of Windows is installed" test_ref="oval:org.mitre.oval:tst:2744"/>
-            <criterion comment="a version of Windows for the x64 architecture is installed" test_ref="oval:org.mitre.oval:tst:3653"/>
-          </criteria>
-          <criterion comment="The version of exmapi32.dll is less than 6.05.8069.0000 (64-Bit version of Windows)" test_ref="oval:org.mitre.oval:tst:9639"/>
-        </criteria>
-      </criteria>
-    </definition>
     <definition id="oval:org.mitre.oval:def:6095" version="2" class="vulnerability">
       <metadata>
         <title>Event System Vulnerability</title>
@@ -9277,7 +12559,7 @@
         </affected>
         <reference source="CPE" ref_id="cpe:/o:microsoft:windows_2008::sp1:itanium"/>
         <description>The operating system installed on the system is Microsoft Windows Server 2008
-                Itanium Edition</description>
+                    Itanium Edition</description>
         <oval_repository>
           <dates>
             <submitted date="2008-07-08T14:18:00">
@@ -13016,7 +16298,7 @@
         </affected>
         <reference source="CPE" ref_id="cpe:/o:microsoft:windows_2008::sp1:x64"/>
         <description>The operating system installed on the system is Microsoft Windows Server 2008
-                x64 Edition</description>
+                    x64 Edition</description>
         <oval_repository>
           <dates>
             <submitted date="2008-03-26T10:44:02">
@@ -13046,7 +16328,7 @@
         </affected>
         <reference source="CPE" ref_id="cpe:/o:microsoft:windows_2008:::x86"/>
         <description>The operating system installed on the system is Microsoft Windows Server 2008
-                (32-bit)</description>
+                    (32-bit)</description>
         <oval_repository>
           <dates>
             <submitted date="2008-03-26T10:44:02">
@@ -17210,54 +20492,6 @@
         </criteria>
       </criteria>
     </definition>
-    <definition id="oval:org.mitre.oval:def:4786" version="3" class="vulnerability">
-      <metadata>
-        <title>License Logging Service Vulnerability (Windows NT)</title>
-        <affected family="windows">
-          <platform>Microsoft Windows NT</platform>
-          <product>MDAC 2.8</product>
-        </affected>
-        <reference source="CVE" ref_id="CVE-2005-0050" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0050"/>
-        <description>The License Logging service for Windows NT Server, Windows 2000 Server, and Windows Server 2003 does not properly validate the length of messages, which leads to an "unchecked buffer" and allows remote attackers to cause a denial of service (crash) and possibly execute arbtirary code, aka the "License Logging Service Vulnerability."</description>
-        <oval_repository>
-          <dates>
-            <submitted date="2005-03-29T12:00:00.000-04:00">
-              <contributor organization="The MITRE Corporation">Ingrid Skoog</contributor>
-            </submitted>
-            <status_change date="2005-03-29T08:38:00.000-04:00">DRAFT</status_change>
-            <status_change date="2005-04-13T12:15:00.000-04:00">INTERIM</status_change>
-            <status_change date="2005-05-04T12:33:00.000-04:00">ACCEPTED</status_change>
-            <modified date="2006-10-31T04:13:00.000-04:00" comment="Replaced reference to obj:1374 with reference to obj:1550 since it references Product\Options and not ProductOptions in the controlset registry key.  Modified by Harvey Rubinovitz">
-              <contributor organization="Centennial Software">John Hoyland</contributor>
-            </modified>
-            <status_change date="2006-11-21T04:13:00.000-04:00">INTERIM</status_change>
-            <status_change date="2007-01-03T13:53:58.184-05:00">ACCEPTED</status_change>
-            <modified comment="Removed reference to test for nt 4.0 and add reference to nt 4.0 inventory definition." date="2008-02-28T12:48:00.621-04:00">
-              <contributor organization="The MITRE Corporation">Jonathan Baker</contributor>
-            </modified>
-            <status_change date="2008-03-03T04:00:51.934-05:00">INTERIM</status_change>
-            <status_change date="2008-03-24T04:00:37.179-04:00">ACCEPTED</status_change>
-          </dates>
-          <status>ACCEPTED</status>
-        </oval_repository>
-      </metadata>
-      <criteria operator="AND">
-        <criteria operator="AND" comment="Software section">
-          <criteria operator="AND" comment="Windows NT Server 4.0 is installed">
-            <extend_definition comment="Microsoft Windows NT is installed" definition_ref="oval:org.mitre.oval:def:36"/>
-            <criteria operator="OR" comment="Windows NT server product option">
-              <criterion comment="this is an NT Server (stand-alone)" test_ref="oval:org.mitre.oval:tst:2408"/>
-              <criterion comment="this is an NT Server (domain controller)" test_ref="oval:org.mitre.oval:tst:3035"/>
-            </criteria>
-          </criteria>
-          <criterion negate="true" comment="the patch kb885834 is installed (Hotfix key)" test_ref="oval:org.mitre.oval:tst:2477"/>
-          <criterion comment="the version of Llssrv.exe is less than 4.0.1381.7345" test_ref="oval:org.mitre.oval:tst:302"/>
-        </criteria>
-        <criteria operator="AND" comment="Configuration section">
-          <criterion comment="license logging service is enabled" test_ref="oval:org.mitre.oval:tst:2475"/>
-        </criteria>
-      </criteria>
-    </definition>
     <definition id="oval:org.mitre.oval:def:4831" version="3" class="vulnerability">
       <metadata>
         <title>WINS Association Context Vulnerability (NT 4.0)</title>
@@ -18314,49 +21548,6 @@
         </criteria>
       </criteria>
     </definition>
-    <definition id="oval:org.mitre.oval:def:644" version="2" class="vulnerability">
-      <metadata>
-        <title>License Logging Service Vulnerability (Terminal Server)</title>
-        <affected family="windows">
-          <platform>Microsoft Windows NT</platform>
-          <product>MDAC 2.8</product>
-        </affected>
-        <reference source="CVE" ref_id="CVE-2005-0050" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0050"/>
-        <description>The License Logging service for Windows NT Server, Windows 2000 Server, and Windows Server 2003 does not properly validate the length of messages, which leads to an "unchecked buffer" and allows remote attackers to cause a denial of service (crash) and possibly execute arbtirary code, aka the "License Logging Service Vulnerability."</description>
-        <oval_repository>
-          <dates>
-            <submitted date="2005-03-29T12:00:00.000-04:00">
-              <contributor organization="The MITRE Corporation">Ingrid Skoog</contributor>
-            </submitted>
-            <status_change date="2005-03-29T08:38:00.000-04:00">DRAFT</status_change>
-            <status_change date="2005-04-13T12:15:00.000-04:00">INTERIM</status_change>
-            <status_change date="2005-05-04T12:33:00.000-04:00">ACCEPTED</status_change>
-            <modified comment="Removed reference to test for nt 4.0 and add reference to nt 4.0 inventory definition." date="2008-02-28T12:48:00.621-04:00">
-              <contributor organization="The MITRE Corporation">Jonathan Baker</contributor>
-            </modified>
-            <modified comment="Removed reference to test for nt 4.0 and add reference to nt 4.0 inventory definition." date="2008-02-28T12:48:00.621-04:00">
-              <contributor organization="The MITRE Corporation">Jonathan Baker</contributor>
-            </modified>
-            <status_change date="2008-03-03T04:00:55.342-05:00">INTERIM</status_change>
-            <status_change date="2008-03-24T04:00:49.689-04:00">ACCEPTED</status_change>
-          </dates>
-          <status>ACCEPTED</status>
-        </oval_repository>
-      </metadata>
-      <criteria operator="AND">
-        <criteria operator="AND" comment="Software section">
-          <criteria operator="AND" comment="Windows NT Server 4.0, Terminal Server Edition is installed">
-            <extend_definition comment="Microsoft Windows NT is installed" definition_ref="oval:org.mitre.oval:def:36"/>
-            <criterion comment="this is an NT Terminal Server" test_ref="oval:org.mitre.oval:tst:3097"/>
-          </criteria>
-          <criterion negate="true" comment="the patch kb885834 is installed (Hotfix key)" test_ref="oval:org.mitre.oval:tst:2477"/>
-          <criterion comment="the version of Llssrv.exe is less than 4.0.1381.33632" test_ref="oval:org.mitre.oval:tst:2476"/>
-        </criteria>
-        <criteria operator="AND" comment="Configuration section">
-          <criterion comment="license logging service is enabled" test_ref="oval:org.mitre.oval:tst:2475"/>
-        </criteria>
-      </criteria>
-    </definition>
     <definition id="oval:org.mitre.oval:def:681" version="3" class="vulnerability">
       <metadata>
         <title>Flaw in Windows WM_TIMER Message Handling Could Enable Privilege Elevation</title>
@@ -40035,49 +43226,6 @@
         <criterion comment="the patch KB890859 is installed (Hotfix key)" negate="true" test_ref="oval:org.mitre.oval:tst:2737"/>
       </criteria>
     </definition>
-    <definition id="oval:org.mitre.oval:def:2568" version="2" class="vulnerability">
-      <metadata>
-        <title>License Logging Service Vulnerability (Windows 2000)</title>
-        <affected family="windows">
-          <platform>Microsoft Windows 2000</platform>
-          <product>MDAC 2.8</product>
-        </affected>
-        <reference source="CVE" ref_id="CVE-2005-0050" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0050"/>
-        <description>The License Logging service for Windows NT Server, Windows 2000 Server, and Windows Server 2003 does not properly validate the length of messages, which leads to an "unchecked buffer" and allows remote attackers to cause a denial of service (crash) and possibly execute arbtirary code, aka the "License Logging Service Vulnerability."</description>
-        <oval_repository>
-          <dates>
-            <submitted date="2005-03-29T12:00:00.000-04:00">
-              <contributor organization="The MITRE Corporation">Ingrid Skoog</contributor>
-            </submitted>
-            <status_change date="2005-03-29T08:38:00.000-04:00">DRAFT</status_change>
-            <status_change date="2005-04-13T12:15:00.000-04:00">INTERIM</status_change>
-            <status_change date="2005-05-04T12:33:00.000-04:00">ACCEPTED</status_change>
-            <modified date="2006-10-31T04:13:00.000-04:00" comment="Replaced reference to obj:1374 with reference to obj:1550 since it references Product\Options and not ProductOptions in the controlset registry key.  Modified by Harvey Rubinovitz">
-              <contributor organization="Centennial Software">John Hoyland</contributor>
-            </modified>
-            <status_change date="2006-11-21T04:13:00.000-04:00">INTERIM</status_change>
-            <status_change date="2007-01-03T13:53:52.285-05:00">ACCEPTED</status_change>
-          </dates>
-          <status>ACCEPTED</status>
-        </oval_repository>
-      </metadata>
-      <criteria operator="AND">
-        <criteria comment="Software section" operator="AND">
-          <criteria operator="AND" comment="Windows 2000 Server is installed">
-            <criterion comment="Windows 2000 is installed" negate="false" test_ref="oval:org.mitre.oval:tst:3085"/>
-            <criteria operator="OR" comment="Windows NT server product option">
-              <criterion comment="this is an NT Server (stand-alone)" negate="false" test_ref="oval:org.mitre.oval:tst:2408"/>
-              <criterion comment="this is an NT Server (domain controller)" negate="false" test_ref="oval:org.mitre.oval:tst:3035"/>
-            </criteria>
-          </criteria>
-          <criterion comment="the patch kb885834 is installed (Hotfix key)" negate="true" test_ref="oval:org.mitre.oval:tst:2477"/>
-          <criterion comment="the version of Llssrv.exe is less than 5.0.2195.7021" negate="false" test_ref="oval:org.mitre.oval:tst:513"/>
-        </criteria>
-        <criteria comment="Configuration section" operator="AND">
-          <criterion comment="license logging service is enabled" negate="false" test_ref="oval:org.mitre.oval:tst:2475"/>
-        </criteria>
-      </criteria>
-    </definition>
     <definition id="oval:org.mitre.oval:def:2570" version="1" class="vulnerability">
       <metadata>
         <title>Windows XP Hyperlink Object Library Unchecked Buffer Vulnerability</title>
@@ -41795,43 +44943,6 @@
         </criteria>
       </criteria>
     </definition>
-    <definition id="oval:org.mitre.oval:def:3582" version="2" class="vulnerability">
-      <metadata>
-        <title>License Logging Service Vulnerability (Server 2003)</title>
-        <affected family="windows">
-          <platform>Microsoft Windows Server 2003</platform>
-          <product>MDAC 2.8</product>
-        </affected>
-        <reference source="CVE" ref_id="CVE-2005-0050" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0050"/>
-        <description>The License Logging service for Windows NT Server, Windows 2000 Server, and Windows Server 2003 does not properly validate the length of messages, which leads to an "unchecked buffer" and allows remote attackers to cause a denial of service (crash) and possibly execute arbtirary code, aka the "License Logging Service Vulnerability."</description>
-        <oval_repository>
-          <dates>
-            <submitted date="2005-03-29T12:00:00.000-04:00">
-              <contributor organization="The MITRE Corporation">Ingrid Skoog</contributor>
-            </submitted>
-            <status_change date="2005-03-29T11:25:00.000-04:00">DRAFT</status_change>
-            <status_change date="2005-04-13T12:00:00.000-04:00">INTERIM</status_change>
-            <status_change date="2005-05-04T12:00:00.000-04:00">ACCEPTED</status_change>
-            <modified date="2005-06-02T12:00:00.000-04:00" comment="Corrected Windows Server 2003 test logic">
-              <contributor organization="The MITRE Corporation">Ingrid Skoog</contributor>
-            </modified>
-            <status_change date="2005-06-08T03:17:00.000-04:00">INTERIM</status_change>
-            <status_change date="2005-06-29T06:49:00.000-04:00">ACCEPTED</status_change>
-          </dates>
-          <status>ACCEPTED</status>
-        </oval_repository>
-      </metadata>
-      <criteria operator="AND">
-        <criteria comment="Software section" operator="AND">
-          <criterion comment="Windows Server 2003 is installed" negate="false" test_ref="oval:org.mitre.oval:tst:2761"/>
-          <criterion comment="the patch kb885834 is installed (Hotfix key)" negate="true" test_ref="oval:org.mitre.oval:tst:2477"/>
-          <criterion comment="the version of Llssrv.exe is less than 5.2.3790.242" negate="false" test_ref="oval:org.mitre.oval:tst:401"/>
-        </criteria>
-        <criteria comment="Configuration section" operator="AND">
-          <criterion comment="license logging service is enabled" negate="false" test_ref="oval:org.mitre.oval:tst:2475"/>
-        </criteria>
-      </criteria>
-    </definition>
     <definition id="oval:org.mitre.oval:def:3585" version="1" class="vulnerability">
       <metadata>
         <title>Web View Remote Code Execution Vulnerability</title>
@@ -62730,7 +65841,7 @@
       <criteria operator="AND">
         <extend_definition comment="Microsoft Windows XP is installed" definition_ref="oval:org.mitre.oval:def:105"/>
         <criterion negate="true" comment="a version of Windows for the ia64 architecture is installed" test_ref="oval:org.mitre.oval:tst:2747"/>
-        <criterion comment="Win2K/XP/2003 service pack 1 is installed" test_ref="oval:org.mitre.oval:tst:2843"/>
+        <criterion comment="Win2K/XP/2003/Vista service pack 1 is installed" test_ref="oval:org.mitre.oval:tst:2843"/>
       </criteria>
     </definition>
     <definition class="vulnerability" id="oval:org.mitre.oval:def:431" version="1">
@@ -71112,8 +74223,10 @@
           <status>ACCEPTED</status>
         </oval_repository>
       </metadata>
-      <criteria>
+      <criteria operator="OR">
+        <criterion comment="%ProgramFile%\Microsoft Office\OFFICE11\xlview.exe exists" test_ref="oval:org.mitre.oval:tst:9880"/>
         <criterion comment="Excel Viewer is installed." test_ref="oval:org.mitre.oval:tst:61"/>
+        <criterion comment="Excel Viewer 2003 is installed." test_ref="oval:org.mitre.oval:tst:9130"/>
       </criteria>
     </definition>
     <definition id="oval:org.mitre.oval:def:100002" version="3" class="vulnerability">
@@ -78075,6 +81188,373 @@
     </definition>
   </definitions>
   <tests>
+    <registry_test id="oval:org.mitre.oval:tst:10158" version="1" comment="Microsoft Internet Security and Acceleration Server 2004 is installed" check_existence="at_least_one_exists" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <object object_ref="oval:org.mitre.oval:obj:5997"/>
+      <state state_ref="oval:org.mitre.oval:ste:4454"/>
+    </registry_test>
+    <file_test id="oval:org.mitre.oval:tst:9891" version="1" comment="the version of wspsrv.exe is greater than or equal 4.0.3439.50" check_existence="at_least_one_exists" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <object object_ref="oval:org.mitre.oval:obj:6969"/>
+      <state state_ref="oval:org.mitre.oval:ste:4787"/>
+    </file_test>
+    <file_test id="oval:org.mitre.oval:tst:9803" version="1" comment="the version of wspsrv.exe is less than 4.0.3445.909" check_existence="at_least_one_exists" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <object object_ref="oval:org.mitre.oval:obj:6969"/>
+      <state state_ref="oval:org.mitre.oval:ste:4999"/>
+    </file_test>
+    <file_test id="oval:org.mitre.oval:tst:10157" version="1" comment="the version of wspsrv.exe is less than 4.0.2167.909" check_existence="at_least_one_exists" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <object object_ref="oval:org.mitre.oval:obj:6969"/>
+      <state state_ref="oval:org.mitre.oval:ste:4714"/>
+    </file_test>
+    <file_test id="oval:org.mitre.oval:tst:10122" version="1" comment="the version of wspsrv.exe is greater than or equal 4.0.2161.50" check_existence="at_least_one_exists" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <object object_ref="oval:org.mitre.oval:obj:6969"/>
+      <state state_ref="oval:org.mitre.oval:ste:4946"/>
+    </file_test>
+    <file_test id="oval:org.mitre.oval:tst:9789" version="1" comment="Safari.exe version is less than or equal to 4.528.16.0" check_existence="at_least_one_exists" check="all" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <object object_ref="oval:org.mitre.oval:obj:6668"/>
+      <state state_ref="oval:org.mitre.oval:ste:4718"/>
+    </file_test>
+    <file_test id="oval:org.mitre.oval:tst:9743" version="1" comment="Excel Viewer 2007 is installed." check_existence="at_least_one_exists" check="all" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <object object_ref="oval:org.mitre.oval:obj:6918"/>
+    </file_test>
+    <file_test id="oval:org.mitre.oval:tst:9986" version="1" comment="Excel.exe version is less than 9.0.0.8977" check_existence="at_least_one_exists" check="all" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <object object_ref="oval:org.mitre.oval:obj:6509"/>
+      <state state_ref="oval:org.mitre.oval:ste:4757"/>
+    </file_test>
+    <file_test id="oval:org.mitre.oval:tst:9960" version="1" comment="Xlview.exe version is less than 11.0.8302.0" check_existence="at_least_one_exists" check="all" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <object object_ref="oval:org.mitre.oval:obj:6089"/>
+      <state state_ref="oval:org.mitre.oval:ste:4969"/>
+    </file_test>
+    <file_test id="oval:org.mitre.oval:tst:9937" version="1" comment="Excel.exe version is less than 11.0.8302.0" check_existence="at_least_one_exists" check="all" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <object object_ref="oval:org.mitre.oval:obj:6435"/>
+      <state state_ref="oval:org.mitre.oval:ste:4969"/>
+    </file_test>
+    <file_test id="oval:org.mitre.oval:tst:9892" version="1" comment="Excelcnv.exe version is less than 12.0.6341.5001" check_existence="at_least_one_exists" check="all" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <object object_ref="oval:org.mitre.oval:obj:5316"/>
+      <state state_ref="oval:org.mitre.oval:ste:4955"/>
+    </file_test>
+    <file_test id="oval:org.mitre.oval:tst:9874" version="1" comment="Excel.exe version is less than 10.0.6852.0" check_existence="at_least_one_exists" check="all" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <object object_ref="oval:org.mitre.oval:obj:6446"/>
+      <state state_ref="oval:org.mitre.oval:ste:4456"/>
+    </file_test>
+    <file_test id="oval:org.mitre.oval:tst:9740" version="1" comment="Excel.exe version is less than 12.0.6341.5001" check_existence="at_least_one_exists" check="all" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <object object_ref="oval:org.mitre.oval:obj:6362"/>
+      <state state_ref="oval:org.mitre.oval:ste:4955"/>
+    </file_test>
+    <file_test id="oval:org.mitre.oval:tst:9715" version="1" comment="XLView.exe version is less than 12.0.6341.5001" check_existence="at_least_one_exists" check="all" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <object object_ref="oval:org.mitre.oval:obj:6918"/>
+      <state state_ref="oval:org.mitre.oval:ste:4955"/>
+    </file_test>
+    <file_test id="oval:org.mitre.oval:tst:9983" version="1" comment="the version of Msdtcprx.dll is less than 2001.12.4720.3180" check_existence="at_least_one_exists" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <object object_ref="oval:org.mitre.oval:obj:6697"/>
+      <state state_ref="oval:org.mitre.oval:ste:4040"/>
+    </file_test>
+    <file_test id="oval:org.mitre.oval:tst:9953" version="1" comment="the version of Msdtcprx.dll is less than 2001.12.4414.320" check_existence="at_least_one_exists" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <object object_ref="oval:org.mitre.oval:obj:6697"/>
+      <state state_ref="oval:org.mitre.oval:ste:5008"/>
+    </file_test>
+    <file_test id="oval:org.mitre.oval:tst:9855" version="1" comment="the version of Msdtcprx.dll is less than 2000.2.3549.0" check_existence="at_least_one_exists" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <object object_ref="oval:org.mitre.oval:obj:6697"/>
+      <state state_ref="oval:org.mitre.oval:ste:4963"/>
+    </file_test>
+    <file_test id="oval:org.mitre.oval:tst:9824" version="1" comment="the version of Msdtcprx.dll is less than 2001.12.6931.18085" check_existence="at_least_one_exists" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <object object_ref="oval:org.mitre.oval:obj:6697"/>
+      <state state_ref="oval:org.mitre.oval:ste:4377"/>
+    </file_test>
+    <file_test id="oval:org.mitre.oval:tst:9752" version="1" comment="the version of Msdtcprx.dll is less than 2001.12.4720.4340" check_existence="at_least_one_exists" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <object object_ref="oval:org.mitre.oval:obj:6697"/>
+      <state state_ref="oval:org.mitre.oval:ste:4975"/>
+    </file_test>
+    <file_test id="oval:org.mitre.oval:tst:9750" version="1" comment="the version of Msdtcprx.dll is less than 2001.12.6930.16697" check_existence="at_least_one_exists" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <object object_ref="oval:org.mitre.oval:obj:6697"/>
+      <state state_ref="oval:org.mitre.oval:ste:4623"/>
+    </file_test>
+    <file_test id="oval:org.mitre.oval:tst:9475" version="1" comment="the version of Msdtcprx.dll is less than 2001.12.4414.706" check_existence="at_least_one_exists" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <object object_ref="oval:org.mitre.oval:obj:6697"/>
+      <state state_ref="oval:org.mitre.oval:ste:4033"/>
+    </file_test>
+    <file_test id="oval:org.mitre.oval:tst:9946" version="1" comment="the version of wordpad.exe is less than 5.2.3790.3129" check_existence="at_least_one_exists" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <object object_ref="oval:org.mitre.oval:obj:389"/>
+      <state state_ref="oval:org.mitre.oval:ste:5000"/>
+    </file_test>
+    <file_test id="oval:org.mitre.oval:tst:9738" version="1" comment="the version of wordpad.exe is less than 5.1.2600.3355" check_existence="at_least_one_exists" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <object object_ref="oval:org.mitre.oval:obj:389"/>
+      <state state_ref="oval:org.mitre.oval:ste:4708"/>
+    </file_test>
+    <file_test id="oval:org.mitre.oval:tst:9583" version="1" comment="the version of wordpad.exe is less than 5.0.2195.7155" check_existence="at_least_one_exists" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <object object_ref="oval:org.mitre.oval:obj:389"/>
+      <state state_ref="oval:org.mitre.oval:ste:5019"/>
+    </file_test>
+    <file_test id="oval:org.mitre.oval:tst:9249" version="1" comment="the version of wordpad.exe is less than 5.2.3790.4282" check_existence="at_least_one_exists" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <object object_ref="oval:org.mitre.oval:obj:389"/>
+      <state state_ref="oval:org.mitre.oval:ste:4225"/>
+    </file_test>
+    <file_test id="oval:org.mitre.oval:tst:9166" version="1" comment="the version of wordpad.exe is less than 5.1.2600.5584" check_existence="at_least_one_exists" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <object object_ref="oval:org.mitre.oval:obj:389"/>
+      <state state_ref="oval:org.mitre.oval:ste:4231"/>
+    </file_test>
+    <file_test id="oval:org.mitre.oval:tst:9980" version="1" comment="the version of Kernel32.dll is greater than or equal 6.0.6000.20000" check_existence="at_least_one_exists" check="all" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <object object_ref="oval:org.mitre.oval:obj:1549"/>
+      <state state_ref="oval:org.mitre.oval:ste:5001"/>
+    </file_test>
+    <file_test id="oval:org.mitre.oval:tst:9945" version="1" comment="The version of Kernel32.dll is less than 5.1.2600.5781" check_existence="at_least_one_exists" check="all" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <object object_ref="oval:org.mitre.oval:obj:1549"/>
+      <state state_ref="oval:org.mitre.oval:ste:4804"/>
+    </file_test>
+    <file_test id="oval:org.mitre.oval:tst:9936" version="1" comment="The version of Kernel32.dll is less than 6.0.6001.22376" check_existence="at_least_one_exists" check="all" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <object object_ref="oval:org.mitre.oval:obj:1549"/>
+      <state state_ref="oval:org.mitre.oval:ste:4986"/>
+    </file_test>
+    <file_test id="oval:org.mitre.oval:tst:9932" version="1" comment="the version of Kernel32.dll is greater than or equal 6.0.6001.18000" check_existence="at_least_one_exists" check="all" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <object object_ref="oval:org.mitre.oval:obj:1549"/>
+      <state state_ref="oval:org.mitre.oval:ste:5046"/>
+    </file_test>
+    <file_test id="oval:org.mitre.oval:tst:9886" version="1" comment="The version of Kernel32.dll is less than 5.2.3790.3311" check_existence="at_least_one_exists" check="all" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <object object_ref="oval:org.mitre.oval:obj:1549"/>
+      <state state_ref="oval:org.mitre.oval:ste:4773"/>
+    </file_test>
+    <file_test id="oval:org.mitre.oval:tst:9775" version="1" comment="The version of Kernel32.dll is less than 6.0.6000.21010" check_existence="at_least_one_exists" check="all" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <object object_ref="oval:org.mitre.oval:obj:1549"/>
+      <state state_ref="oval:org.mitre.oval:ste:4992"/>
+    </file_test>
+    <file_test id="oval:org.mitre.oval:tst:9719" version="1" comment="the version of Kernel32.dll is greater than or equal 6.0.6000.16000" check_existence="at_least_one_exists" check="all" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <object object_ref="oval:org.mitre.oval:obj:1549"/>
+      <state state_ref="oval:org.mitre.oval:ste:4052"/>
+    </file_test>
+    <file_test id="oval:org.mitre.oval:tst:9587" version="1" comment="The version of Secur32.dll is less than 5.0.2195.7244" check_existence="at_least_one_exists" check="all" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <object object_ref="oval:org.mitre.oval:obj:6810"/>
+      <state state_ref="oval:org.mitre.oval:ste:4919"/>
+    </file_test>
+    <file_test id="oval:org.mitre.oval:tst:9167" version="1" comment="the version of Kernel32.dll is greater than or equal 6.0.6001.22000" check_existence="at_least_one_exists" check="all" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <object object_ref="oval:org.mitre.oval:obj:1549"/>
+      <state state_ref="oval:org.mitre.oval:ste:4830"/>
+    </file_test>
+    <file_test id="oval:org.mitre.oval:tst:10168" version="1" comment="The version of Kernel32.dll is less than 5.2.3790.4480" check_existence="at_least_one_exists" check="all" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <object object_ref="oval:org.mitre.oval:obj:1549"/>
+      <state state_ref="oval:org.mitre.oval:ste:4355"/>
+    </file_test>
+    <file_test id="oval:org.mitre.oval:tst:10016" version="1" comment="The version of Kernel32.dll is less than 6.0.6000.16820" check_existence="at_least_one_exists" check="all" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <object object_ref="oval:org.mitre.oval:obj:1549"/>
+      <state state_ref="oval:org.mitre.oval:ste:5016"/>
+    </file_test>
+    <file_test id="oval:org.mitre.oval:tst:10006" version="1" comment="The version of Kernel32.dll is less than 5.1.2600.3541" check_existence="at_least_one_exists" check="all" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <object object_ref="oval:org.mitre.oval:obj:1549"/>
+      <state state_ref="oval:org.mitre.oval:ste:4311"/>
+    </file_test>
+    <file_test id="oval:org.mitre.oval:tst:10000" version="1" comment="The version of Kernel32.dll is less than 6.0.6001.18215" check_existence="at_least_one_exists" check="all" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <object object_ref="oval:org.mitre.oval:obj:1549"/>
+      <state state_ref="oval:org.mitre.oval:ste:4928"/>
+    </file_test>
+    <registry_test id="oval:org.mitre.oval:tst:10093" version="1" comment="Microsoft Internet Security and Acceleration Server 2006 is installed" check_existence="at_least_one_exists" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <object object_ref="oval:org.mitre.oval:obj:6361"/>
+      <state state_ref="oval:org.mitre.oval:ste:4222"/>
+    </registry_test>
+    <file_test id="oval:org.mitre.oval:tst:9920" version="1" comment="the version of wspsrv.exe is greater than or equal 5.0.5720.100" check_existence="at_least_one_exists" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <object object_ref="oval:org.mitre.oval:obj:6969"/>
+      <state state_ref="oval:org.mitre.oval:ste:4902"/>
+    </file_test>
+    <file_test id="oval:org.mitre.oval:tst:9875" version="1" comment="the version of wspsrv.exe is less than 5.0.5721.261" check_existence="at_least_one_exists" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <object object_ref="oval:org.mitre.oval:obj:6969"/>
+      <state state_ref="oval:org.mitre.oval:ste:4704"/>
+    </file_test>
+    <file_test id="oval:org.mitre.oval:tst:9815" version="1" comment="the version of wspsrv.exe is greater than or equal 5.0.5721.240" check_existence="at_least_one_exists" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <object object_ref="oval:org.mitre.oval:obj:6969"/>
+      <state state_ref="oval:org.mitre.oval:ste:4881"/>
+    </file_test>
+    <file_test id="oval:org.mitre.oval:tst:9772" version="1" comment="the version of wspsrv.exe is less than 5.0.5720.172" check_existence="at_least_one_exists" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <object object_ref="oval:org.mitre.oval:obj:6969"/>
+      <state state_ref="oval:org.mitre.oval:ste:5045"/>
+    </file_test>
+    <file_test id="oval:org.mitre.oval:tst:9597" version="1" comment="the version of wspsrv.exe is less than 5.0.5723.511" check_existence="at_least_one_exists" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <object object_ref="oval:org.mitre.oval:obj:6969"/>
+      <state state_ref="oval:org.mitre.oval:ste:4605"/>
+    </file_test>
+    <file_test id="oval:org.mitre.oval:tst:10021" version="1" comment="the version of wspsrv.exe is greater than or equal 5.0.5723.493" check_existence="at_least_one_exists" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <object object_ref="oval:org.mitre.oval:obj:6969"/>
+      <state state_ref="oval:org.mitre.oval:ste:4934"/>
+    </file_test>
+    <file_test id="oval:org.mitre.oval:tst:9623" version="1" comment="the version of msconv97.dll is less than 2003.1100.8202.0" check_existence="at_least_one_exists" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <object object_ref="oval:org.mitre.oval:obj:423"/>
+      <state state_ref="oval:org.mitre.oval:ste:4944"/>
+    </file_test>
+    <file_test id="oval:org.mitre.oval:tst:9976" version="1" comment="Mshtml.dll version is less than 7.0.6000.16825" check_existence="at_least_one_exists" check="all" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <object object_ref="oval:org.mitre.oval:obj:222"/>
+      <state state_ref="oval:org.mitre.oval:ste:4860"/>
+    </file_test>
+    <file_test id="oval:org.mitre.oval:tst:9705" version="1" comment="Mshtml.dll version is less than 7.0.6000.21015" check_existence="at_least_one_exists" check="all" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <object object_ref="oval:org.mitre.oval:obj:222"/>
+      <state state_ref="oval:org.mitre.oval:ste:5022"/>
+    </file_test>
+    <file_test id="oval:org.mitre.oval:tst:9688" version="1" comment="Mshtml.dll version is less than 7.0.6000.16830" check_existence="at_least_one_exists" check="all" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <object object_ref="oval:org.mitre.oval:obj:222"/>
+      <state state_ref="oval:org.mitre.oval:ste:4954"/>
+    </file_test>
+    <file_test id="oval:org.mitre.oval:tst:10150" version="1" comment="Mshtml.dll version is less than 7.0.6001.18226" check_existence="at_least_one_exists" check="all" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <object object_ref="oval:org.mitre.oval:obj:222"/>
+      <state state_ref="oval:org.mitre.oval:ste:5037"/>
+    </file_test>
+    <file_test id="oval:org.mitre.oval:tst:10115" version="1" comment="Mshtml.dll version is less than 7.0.6000.21023" check_existence="at_least_one_exists" check="all" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <object object_ref="oval:org.mitre.oval:obj:222"/>
+      <state state_ref="oval:org.mitre.oval:ste:4733"/>
+    </file_test>
+    <file_test id="oval:org.mitre.oval:tst:10005" version="1" comment="Mshtml.dll version is less than 7.0.6001.22389" check_existence="at_least_one_exists" check="all" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <object object_ref="oval:org.mitre.oval:obj:222"/>
+      <state state_ref="oval:org.mitre.oval:ste:4988"/>
+    </file_test>
+    <file_test id="oval:org.mitre.oval:tst:9952" version="1" comment="the version of Quartz.dll is less than 6.5.2600.3497" check_existence="at_least_one_exists" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <object object_ref="oval:org.mitre.oval:obj:704"/>
+      <state state_ref="oval:org.mitre.oval:ste:4941"/>
+    </file_test>
+    <file_test id="oval:org.mitre.oval:tst:9947" version="1" comment="the version of Quartz.dll is less than 6.5.3790.3266" check_existence="at_least_one_exists" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <object object_ref="oval:org.mitre.oval:obj:704"/>
+      <state state_ref="oval:org.mitre.oval:ste:4686"/>
+    </file_test>
+    <file_test id="oval:org.mitre.oval:tst:9893" version="1" comment="the version of Quartz.dll is less than 6.5.1.910" check_existence="at_least_one_exists" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <object object_ref="oval:org.mitre.oval:obj:704"/>
+      <state state_ref="oval:org.mitre.oval:ste:4877"/>
+    </file_test>
+    <file_test id="oval:org.mitre.oval:tst:9839" version="1" comment="the version of Quartz.dll is less than 6.3.1.892" check_existence="at_least_one_exists" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <object object_ref="oval:org.mitre.oval:obj:704"/>
+      <state state_ref="oval:org.mitre.oval:ste:4269"/>
+    </file_test>
+    <file_test id="oval:org.mitre.oval:tst:9805" version="1" comment="the version of Quartz.dll is less than 6.5.2600.5731" check_existence="at_least_one_exists" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <object object_ref="oval:org.mitre.oval:obj:704"/>
+      <state state_ref="oval:org.mitre.oval:ste:4970"/>
+    </file_test>
+    <file_test id="oval:org.mitre.oval:tst:9002" version="1" comment="the version of Quartz.dll is less than 6.5.3790.3266" check_existence="at_least_one_exists" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <object object_ref="oval:org.mitre.oval:obj:704"/>
+      <state state_ref="oval:org.mitre.oval:ste:4947"/>
+    </file_test>
+    <file_test id="oval:org.mitre.oval:tst:9788" version="1" comment="Mshtml.dll version is less than 6.0.3790.4470" check_existence="at_least_one_exists" check="all" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <object object_ref="oval:org.mitre.oval:obj:222"/>
+      <state state_ref="oval:org.mitre.oval:ste:4508"/>
+    </file_test>
+    <file_test id="oval:org.mitre.oval:tst:9783" version="1" comment="Mshtml.dll version is less than 5.0.3874.1900" check_existence="at_least_one_exists" check="all" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <object object_ref="oval:org.mitre.oval:obj:222"/>
+      <state state_ref="oval:org.mitre.oval:ste:4326"/>
+    </file_test>
+    <file_test id="oval:org.mitre.oval:tst:9744" version="1" comment="Mshtml.dll version is less than 6.0.2900.3527" check_existence="at_least_one_exists" check="all" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <object object_ref="oval:org.mitre.oval:obj:222"/>
+      <state state_ref="oval:org.mitre.oval:ste:5002"/>
+    </file_test>
+    <file_test id="oval:org.mitre.oval:tst:9684" version="1" comment="Mshtml.dll version is less than 6.0.2800.1625" check_existence="at_least_one_exists" check="all" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <object object_ref="oval:org.mitre.oval:obj:222"/>
+      <state state_ref="oval:org.mitre.oval:ste:4681"/>
+    </file_test>
+    <file_test id="oval:org.mitre.oval:tst:9622" version="1" comment="Mshtml.dll version is less than 6.0.2900.5764" check_existence="at_least_one_exists" check="all" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <object object_ref="oval:org.mitre.oval:obj:222"/>
+      <state state_ref="oval:org.mitre.oval:ste:4692"/>
+    </file_test>
+    <file_test id="oval:org.mitre.oval:tst:9395" version="1" comment="Mshtml.dll version is less than 6.0.3790.3304" check_existence="at_least_one_exists" check="all" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <object object_ref="oval:org.mitre.oval:obj:222"/>
+      <state state_ref="oval:org.mitre.oval:ste:5035"/>
+    </file_test>
+    <file_test id="oval:org.mitre.oval:tst:9153" version="1" comment="iTunes.exe version is less than 8.1.0.51" check_existence="at_least_one_exists" check="all" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <object object_ref="oval:org.mitre.oval:obj:6563"/>
+      <state state_ref="oval:org.mitre.oval:ste:4791"/>
+    </file_test>
+    <file_test id="oval:org.mitre.oval:tst:9985" version="1" comment="Winsxs\winhttp.dll version less than 5.2.3790.4427" check_existence="at_least_one_exists" check="all" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <object object_ref="oval:org.mitre.oval:obj:6159"/>
+      <state state_ref="oval:org.mitre.oval:ste:4778"/>
+    </file_test>
+    <file_test id="oval:org.mitre.oval:tst:9981" version="1" comment="system32\winhttp.dll version less than 6.0.6000.16786" check_existence="at_least_one_exists" check="all" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <object object_ref="oval:org.mitre.oval:obj:6928"/>
+      <state state_ref="oval:org.mitre.oval:ste:4887"/>
+    </file_test>
+    <file_test id="oval:org.mitre.oval:tst:9951" version="1" comment="system32\winhttp.dll version greater than or equal 6.0.6000.16000" check_existence="at_least_one_exists" check="all" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <object object_ref="oval:org.mitre.oval:obj:6928"/>
+      <state state_ref="oval:org.mitre.oval:ste:4342"/>
+    </file_test>
+    <file_test id="oval:org.mitre.oval:tst:9877" version="1" comment="system32\winhttp.dll version less than 5.1.2600.3494" check_existence="at_least_one_exists" check="all" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <object object_ref="oval:org.mitre.oval:obj:6928"/>
+      <state state_ref="oval:org.mitre.oval:ste:4741"/>
+    </file_test>
+    <file_test id="oval:org.mitre.oval:tst:9825" version="1" comment="system32\winhttp.dll version greater than or equal 6.0.6001.22000" check_existence="at_least_one_exists" check="all" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <object object_ref="oval:org.mitre.oval:obj:6928"/>
+      <state state_ref="oval:org.mitre.oval:ste:4709"/>
+    </file_test>
+    <file_test id="oval:org.mitre.oval:tst:9822" version="1" comment="system32\winhttp.dll version less than 5.1.2600.3490" check_existence="at_least_one_exists" check="all" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <object object_ref="oval:org.mitre.oval:obj:6928"/>
+      <state state_ref="oval:org.mitre.oval:ste:4889"/>
+    </file_test>
+    <file_test id="oval:org.mitre.oval:tst:9801" version="1" comment="system32\winhttp.dll version less than 6.0.6001.18178" check_existence="at_least_one_exists" check="all" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <object object_ref="oval:org.mitre.oval:obj:6928"/>
+      <state state_ref="oval:org.mitre.oval:ste:4507"/>
+    </file_test>
+    <file_test id="oval:org.mitre.oval:tst:9795" version="1" comment="system32\winhttp.dll version less than 5.2.3790.3262" check_existence="at_least_one_exists" check="all" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <object object_ref="oval:org.mitre.oval:obj:6928"/>
+      <state state_ref="oval:org.mitre.oval:ste:4730"/>
+    </file_test>
+    <file_test id="oval:org.mitre.oval:tst:9762" version="1" comment="system32\winhttp.dll version greater than or equal 6.0.6001.18000" check_existence="at_least_one_exists" check="all" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <object object_ref="oval:org.mitre.oval:obj:6928"/>
+      <state state_ref="oval:org.mitre.oval:ste:4557"/>
+    </file_test>
+    <file_test id="oval:org.mitre.oval:tst:9649" version="1" comment="system32\winhttp.dll version less than 5.2.3790.4427" check_existence="at_least_one_exists" check="all" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <object object_ref="oval:org.mitre.oval:obj:6928"/>
+      <state state_ref="oval:org.mitre.oval:ste:4778"/>
+    </file_test>
+    <file_test id="oval:org.mitre.oval:tst:9594" version="1" comment="system32\winhttp.dll version less than 6.0.6000.20971" check_existence="at_least_one_exists" check="all" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <object object_ref="oval:org.mitre.oval:obj:6928"/>
+      <state state_ref="oval:org.mitre.oval:ste:4483"/>
+    </file_test>
+    <file_test id="oval:org.mitre.oval:tst:9580" version="1" comment="Winsxs\winhttp.dll version less than 5.2.3790.3262" check_existence="at_least_one_exists" check="all" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <object object_ref="oval:org.mitre.oval:obj:6159"/>
+      <state state_ref="oval:org.mitre.oval:ste:4730"/>
+    </file_test>
+    <file_test id="oval:org.mitre.oval:tst:9540" version="1" comment="system32\winhttp.dll version less than 5.1.2600.5727" check_existence="at_least_one_exists" check="all" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <object object_ref="oval:org.mitre.oval:obj:6928"/>
+      <state state_ref="oval:org.mitre.oval:ste:4242"/>
+    </file_test>
+    <file_test id="oval:org.mitre.oval:tst:9442" version="1" comment="system32\winhttp.dll version greater than or equal 6.0.6000.20000" check_existence="at_least_one_exists" check="all" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <object object_ref="oval:org.mitre.oval:obj:6928"/>
+      <state state_ref="oval:org.mitre.oval:ste:4620"/>
+    </file_test>
+    <file_test id="oval:org.mitre.oval:tst:9119" version="1" comment="system32\winhttp.dll version less than 6.0.6001.22323" check_existence="at_least_one_exists" check="all" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <object object_ref="oval:org.mitre.oval:obj:6928"/>
+      <state state_ref="oval:org.mitre.oval:ste:4729"/>
+    </file_test>
+    <registry_test id="oval:org.mitre.oval:tst:9676" version="1" comment="Wireshark version is less than or equal to 1.0.4" check_existence="at_least_one_exists" check="all" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <object object_ref="oval:org.mitre.oval:obj:6871"/>
+      <state state_ref="oval:org.mitre.oval:ste:4414"/>
+    </registry_test>
+    <file_test id="oval:org.mitre.oval:tst:9748" version="1" comment="the version of powerpnt.exe is less than or equal to 11.0.8227.0" check_existence="at_least_one_exists" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <object object_ref="oval:org.mitre.oval:obj:553"/>
+      <state state_ref="oval:org.mitre.oval:ste:4854"/>
+    </file_test>
+    <file_test id="oval:org.mitre.oval:tst:9721" version="1" comment="the version of powerpnt.exe is less than or equal to 10.0.6842.0" check_existence="at_least_one_exists" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <object object_ref="oval:org.mitre.oval:obj:553"/>
+      <state state_ref="oval:org.mitre.oval:ste:4452"/>
+    </file_test>
+    <file_test id="oval:org.mitre.oval:tst:9691" version="1" comment="the version of powerpnt.exe is less than or equal to 9.0.0.8969" check_existence="at_least_one_exists" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <object object_ref="oval:org.mitre.oval:obj:553"/>
+      <state state_ref="oval:org.mitre.oval:ste:4781"/>
+    </file_test>
+    <file_test id="oval:org.mitre.oval:tst:9724" version="1" comment="Opera version is less than 9.64 (9.64.10487.0)" check_existence="at_least_one_exists" check="all" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <object object_ref="oval:org.mitre.oval:obj:6638"/>
+      <state state_ref="oval:org.mitre.oval:ste:4803"/>
+    </file_test>
+    <file_test id="oval:org.mitre.oval:tst:9531" version="1" comment="Safari.exe version is less than or equal to 4.528.16.0" check_existence="at_least_one_exists" check="all" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <object object_ref="oval:org.mitre.oval:obj:6668"/>
+      <state state_ref="oval:org.mitre.oval:ste:4655"/>
+    </file_test>
+    <file_test id="oval:org.mitre.oval:tst:9794" version="1" comment="Opera version is less than or equla to 9.64 (9.64.10487.0)" check_existence="at_least_one_exists" check="all" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <object object_ref="oval:org.mitre.oval:obj:6743"/>
+      <state state_ref="oval:org.mitre.oval:ste:4720"/>
+    </file_test>
+    <registry_test id="oval:org.mitre.oval:tst:9785" version="1" comment="Wireshark version is less than or equal to 1.0.6" check_existence="at_least_one_exists" check="all" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <object object_ref="oval:org.mitre.oval:obj:6871"/>
+      <state state_ref="oval:org.mitre.oval:ste:4447"/>
+    </registry_test>
+    <registry_test id="oval:org.mitre.oval:tst:9988" version="1" comment="Thunderbird version is less than or equal to 2.0.0.20" check_existence="at_least_one_exists" check="all" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <object object_ref="oval:org.mitre.oval:obj:6768"/>
+      <state state_ref="oval:org.mitre.oval:ste:4066"/>
+    </registry_test>
+    <registry_test id="oval:org.mitre.oval:tst:9992" version="1" comment="Firefox version is less than or equal to 3.0.6" check_existence="at_least_one_exists" check="all" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <object object_ref="oval:org.mitre.oval:obj:6886"/>
+      <state state_ref="oval:org.mitre.oval:ste:5010"/>
+    </registry_test>
+    <registry_test id="oval:org.mitre.oval:tst:9759" version="1" comment="Seamonkey version is less than or equal to 1.1.15" check_existence="at_least_one_exists" check="all" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <object object_ref="oval:org.mitre.oval:obj:6012"/>
+      <state state_ref="oval:org.mitre.oval:ste:4590"/>
+    </registry_test>
     <file_test id="oval:org.mitre.oval:tst:9686" version="1" comment="the version of wins.exe is less than 5.2.3790.3281" check_existence="at_least_one_exists" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
       <object object_ref="oval:org.mitre.oval:obj:276"/>
       <state state_ref="oval:org.mitre.oval:ste:4608"/>
@@ -78159,14 +81639,98 @@
       <object object_ref="oval:org.mitre.oval:obj:570"/>
       <state state_ref="oval:org.mitre.oval:ste:4353"/>
     </file_test>
-    <file_test id="oval:org.mitre.oval:tst:9789" version="1" comment="Safari.exe version is less than or equal to 4.528.16.0" check_existence="at_least_one_exists" check="all" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
-      <object object_ref="oval:org.mitre.oval:obj:6668"/>
-      <state state_ref="oval:org.mitre.oval:ste:4718"/>
+    <registry_test id="oval:org.mitre.oval:tst:9702" version="1" comment="Adobe Reader 9, the Version is 150994944 (Hex 9000000)" check_existence="at_least_one_exists" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <object object_ref="oval:org.mitre.oval:obj:6819"/>
+      <state state_ref="oval:org.mitre.oval:ste:4254"/>
+    </registry_test>
+    <registry_test id="oval:org.mitre.oval:tst:9701" version="1" comment="Adobe Acrobat 9, the VersionMajor is 9" check_existence="at_least_one_exists" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <object object_ref="oval:org.mitre.oval:obj:6751"/>
+      <state state_ref="oval:org.mitre.oval:ste:4387"/>
+    </registry_test>
+    <registry_test id="oval:org.mitre.oval:tst:9616" version="1" comment="Adobe Acrobat 8, the Version is less than or equal to 134283267 (Hex 8010003)" check_existence="at_least_one_exists" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <object object_ref="oval:org.mitre.oval:obj:6636"/>
+      <state state_ref="oval:org.mitre.oval:ste:4593"/>
+    </registry_test>
+    <registry_test id="oval:org.mitre.oval:tst:9552" version="1" comment="Adobe Acrobat 7, the VersionMajor is 7" check_existence="at_least_one_exists" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <object object_ref="oval:org.mitre.oval:obj:6726"/>
+      <state state_ref="oval:org.mitre.oval:ste:4648"/>
+    </registry_test>
+    <registry_test id="oval:org.mitre.oval:tst:9484" version="1" comment="Adobe Reader 8, the VersionMajor is 8" check_existence="at_least_one_exists" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <object object_ref="oval:org.mitre.oval:obj:6765"/>
+      <state state_ref="oval:org.mitre.oval:ste:4649"/>
+    </registry_test>
+    <registry_test id="oval:org.mitre.oval:tst:9381" version="1" comment="Adobe Reader 7, the Version is less than or equal to 117506048 (Hex 7010000)" check_existence="at_least_one_exists" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <object object_ref="oval:org.mitre.oval:obj:6504"/>
+      <state state_ref="oval:org.mitre.oval:ste:4772"/>
+    </registry_test>
+    <registry_test id="oval:org.mitre.oval:tst:9365" version="1" comment="Adobe Reader 8, the Version is less than or equal to 134283267 (Hex 8010003)" check_existence="at_least_one_exists" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <object object_ref="oval:org.mitre.oval:obj:5958"/>
+      <state state_ref="oval:org.mitre.oval:ste:4593"/>
+    </registry_test>
+    <registry_test id="oval:org.mitre.oval:tst:9357" version="1" comment="Adobe Reader 7, the VersionMajor is 7" check_existence="at_least_one_exists" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <object object_ref="oval:org.mitre.oval:obj:6648"/>
+      <state state_ref="oval:org.mitre.oval:ste:4648"/>
+    </registry_test>
+    <registry_test id="oval:org.mitre.oval:tst:9312" version="1" comment="Adobe Acrobat 8, the VersionMajor is 8" check_existence="at_least_one_exists" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <object object_ref="oval:org.mitre.oval:obj:6119"/>
+      <state state_ref="oval:org.mitre.oval:ste:4649"/>
+    </registry_test>
+    <registry_test id="oval:org.mitre.oval:tst:9302" version="1" comment="Adobe Reader 9, the VersionMajor is 9" check_existence="at_least_one_exists" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <object object_ref="oval:org.mitre.oval:obj:6160"/>
+      <state state_ref="oval:org.mitre.oval:ste:4387"/>
+    </registry_test>
+    <registry_test id="oval:org.mitre.oval:tst:9127" version="1" comment="Adobe Acrobat 7, the Version is less than or equal to 117506048 (Hex 7010000)" check_existence="at_least_one_exists" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <object object_ref="oval:org.mitre.oval:obj:6401"/>
+      <state state_ref="oval:org.mitre.oval:ste:4772"/>
+    </registry_test>
+    <registry_test id="oval:org.mitre.oval:tst:9006" version="1" comment="Adobe Acrobat 9, the Version is 150994944 (Hex 9000000)" check_existence="at_least_one_exists" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <object object_ref="oval:org.mitre.oval:obj:6449"/>
+      <state state_ref="oval:org.mitre.oval:ste:4254"/>
+    </registry_test>
+    <file_test id="oval:org.mitre.oval:tst:9710" version="1" comment="The version of cdo.dll is less than 6.0.6620.9" check_existence="at_least_one_exists" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <object object_ref="oval:org.mitre.oval:obj:513"/>
+      <state state_ref="oval:org.mitre.oval:ste:4769"/>
     </file_test>
-    <file_test id="oval:org.mitre.oval:tst:9153" version="1" comment="iTunes.exe version is less than 8.1.0.51" check_existence="at_least_one_exists" check="all" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
-      <object object_ref="oval:org.mitre.oval:obj:6563"/>
-      <state state_ref="oval:org.mitre.oval:ste:4791"/>
+    <file_test id="oval:org.mitre.oval:tst:9670" version="1" comment="The version of exmapi32.dll is less than 6.05.8069.0000 (32-Bit version of Windows)" check_existence="at_least_one_exists" check="all" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <object object_ref="oval:org.mitre.oval:obj:6619"/>
+      <state state_ref="oval:org.mitre.oval:ste:4815"/>
     </file_test>
+    <file_test id="oval:org.mitre.oval:tst:9639" version="1" comment="The version of exmapi32.dll is less than 6.05.8069.0000 (64-Bit version of Windows)" check_existence="at_least_one_exists" check="all" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <object object_ref="oval:org.mitre.oval:obj:6841"/>
+      <state state_ref="oval:org.mitre.oval:ste:4815"/>
+    </file_test>
+    <file_test id="oval:org.mitre.oval:tst:9502" version="1" comment="The version of cdoex.dll is less than 6.5.7654.12" check_existence="at_least_one_exists" check="all" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <object object_ref="oval:org.mitre.oval:obj:513"/>
+      <state state_ref="oval:org.mitre.oval:ste:4651"/>
+    </file_test>
+    <file_test id="oval:org.mitre.oval:tst:9368" version="1" comment="The version of cdoex.dll is less than 8.01.0338.0000" check_existence="at_least_one_exists" check="all" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <object object_ref="oval:org.mitre.oval:obj:513"/>
+      <state state_ref="oval:org.mitre.oval:ste:4685"/>
+    </file_test>
+    <file_test id="oval:org.mitre.oval:tst:2476" version="1" comment="the version of Llssrv.exe is less than 4.0.1381.33632" check_existence="at_least_one_exists" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <object object_ref="oval:org.mitre.oval:obj:277"/>
+      <state state_ref="oval:org.mitre.oval:ste:2320"/>
+    </file_test>
+    <file_test id="oval:org.mitre.oval:tst:302" version="1" comment="the version of Llssrv.exe is less than 4.0.1381.7345" check_existence="at_least_one_exists" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <object object_ref="oval:org.mitre.oval:obj:277"/>
+      <state state_ref="oval:org.mitre.oval:ste:296"/>
+    </file_test>
+    <file_test id="oval:org.mitre.oval:tst:401" version="1" check="at least one" comment="the version of Llssrv.exe is less than 5.2.3790.242" check_existence="at_least_one_exists" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <object object_ref="oval:org.mitre.oval:obj:277"/>
+      <state state_ref="oval:org.mitre.oval:ste:375"/>
+    </file_test>
+    <file_test id="oval:org.mitre.oval:tst:513" version="1" check="at least one" comment="the version of Llssrv.exe is less than 5.0.2195.7021" check_existence="at_least_one_exists" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <object object_ref="oval:org.mitre.oval:obj:277"/>
+      <state state_ref="oval:org.mitre.oval:ste:468"/>
+    </file_test>
+    <registry_test id="oval:org.mitre.oval:tst:2477" version="1" comment="the patch kb885834 is installed (Hotfix key)" check_existence="at_least_one_exists" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <object object_ref="oval:org.mitre.oval:obj:1408"/>
+      <state state_ref="oval:org.mitre.oval:ste:2321"/>
+    </registry_test>
+    <registry_test id="oval:org.mitre.oval:tst:2475" version="1" comment="license logging service is enabled" check_existence="at_least_one_exists" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <object object_ref="oval:org.mitre.oval:obj:1407"/>
+      <state state_ref="oval:org.mitre.oval:ste:2319"/>
+    </registry_test>
     <registry_test id="oval:org.mitre.oval:tst:9665" version="1" comment="HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Microsoft SQL Server\90\DTS\Setup\\Version is greater than 9.0.0.0" check_existence="at_least_one_exists" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
       <object object_ref="oval:org.mitre.oval:obj:6714"/>
       <state state_ref="oval:org.mitre.oval:ste:4310"/>
@@ -78283,74 +81847,6 @@
       <object object_ref="oval:org.mitre.oval:obj:222"/>
       <state state_ref="oval:org.mitre.oval:ste:4700"/>
     </file_test>
-    <registry_test id="oval:org.mitre.oval:tst:9702" version="1" comment="Adobe Reader 9, the Version is 150994944 (Hex 9000000)" check_existence="at_least_one_exists" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
-      <object object_ref="oval:org.mitre.oval:obj:6819"/>
-      <state state_ref="oval:org.mitre.oval:ste:4254"/>
-    </registry_test>
-    <registry_test id="oval:org.mitre.oval:tst:9701" version="1" comment="Adobe Acrobat 9, the VersionMajor is 9" check_existence="at_least_one_exists" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
-      <object object_ref="oval:org.mitre.oval:obj:6751"/>
-      <state state_ref="oval:org.mitre.oval:ste:4387"/>
-    </registry_test>
-    <registry_test id="oval:org.mitre.oval:tst:9616" version="1" comment="Adobe Acrobat 8, the Version is less than or equal to 134283267 (Hex 8010003)" check_existence="at_least_one_exists" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
-      <object object_ref="oval:org.mitre.oval:obj:6636"/>
-      <state state_ref="oval:org.mitre.oval:ste:4593"/>
-    </registry_test>
-    <registry_test id="oval:org.mitre.oval:tst:9552" version="1" comment="Adobe Acrobat 7, the VersionMajor is 7" check_existence="at_least_one_exists" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
-      <object object_ref="oval:org.mitre.oval:obj:6726"/>
-      <state state_ref="oval:org.mitre.oval:ste:4648"/>
-    </registry_test>
-    <registry_test id="oval:org.mitre.oval:tst:9484" version="1" comment="Adobe Reader 8, the VersionMajor is 8" check_existence="at_least_one_exists" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
-      <object object_ref="oval:org.mitre.oval:obj:6765"/>
-      <state state_ref="oval:org.mitre.oval:ste:4649"/>
-    </registry_test>
-    <registry_test id="oval:org.mitre.oval:tst:9381" version="1" comment="Adobe Reader 7, the Version is less than or equal to 117506048 (Hex 7010000)" check_existence="at_least_one_exists" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
-      <object object_ref="oval:org.mitre.oval:obj:6504"/>
-      <state state_ref="oval:org.mitre.oval:ste:4772"/>
-    </registry_test>
-    <registry_test id="oval:org.mitre.oval:tst:9365" version="1" comment="Adobe Reader 8, the Version is less than or equal to 134283267 (Hex 8010003)" check_existence="at_least_one_exists" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
-      <object object_ref="oval:org.mitre.oval:obj:5958"/>
-      <state state_ref="oval:org.mitre.oval:ste:4593"/>
-    </registry_test>
-    <registry_test id="oval:org.mitre.oval:tst:9357" version="1" comment="Adobe Reader 7, the VersionMajor is 7" check_existence="at_least_one_exists" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
-      <object object_ref="oval:org.mitre.oval:obj:6648"/>
-      <state state_ref="oval:org.mitre.oval:ste:4648"/>
-    </registry_test>
-    <registry_test id="oval:org.mitre.oval:tst:9312" version="1" comment="Adobe Acrobat 8, the VersionMajor is 8" check_existence="at_least_one_exists" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
-      <object object_ref="oval:org.mitre.oval:obj:6119"/>
-      <state state_ref="oval:org.mitre.oval:ste:4649"/>
-    </registry_test>
-    <registry_test id="oval:org.mitre.oval:tst:9302" version="1" comment="Adobe Reader 9, the VersionMajor is 9" check_existence="at_least_one_exists" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
-      <object object_ref="oval:org.mitre.oval:obj:6160"/>
-      <state state_ref="oval:org.mitre.oval:ste:4387"/>
-    </registry_test>
-    <registry_test id="oval:org.mitre.oval:tst:9127" version="1" comment="Adobe Acrobat 7, the Version is less than or equal to 117506048 (Hex 7010000)" check_existence="at_least_one_exists" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
-      <object object_ref="oval:org.mitre.oval:obj:6401"/>
-      <state state_ref="oval:org.mitre.oval:ste:4772"/>
-    </registry_test>
-    <registry_test id="oval:org.mitre.oval:tst:9006" version="1" comment="Adobe Acrobat 9, the Version is 150994944 (Hex 9000000)" check_existence="at_least_one_exists" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
-      <object object_ref="oval:org.mitre.oval:obj:6449"/>
-      <state state_ref="oval:org.mitre.oval:ste:4254"/>
-    </registry_test>
-    <file_test id="oval:org.mitre.oval:tst:9710" version="1" comment="The version of cdo.dll is less than 6.0.6620.9" check_existence="at_least_one_exists" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
-      <object object_ref="oval:org.mitre.oval:obj:513"/>
-      <state state_ref="oval:org.mitre.oval:ste:4769"/>
-    </file_test>
-    <file_test id="oval:org.mitre.oval:tst:9670" version="1" comment="The version of exmapi32.dll is less than 6.05.8069.0000 (32-Bit version of Windows)" check_existence="at_least_one_exists" check="all" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
-      <object object_ref="oval:org.mitre.oval:obj:6619"/>
-      <state state_ref="oval:org.mitre.oval:ste:4815"/>
-    </file_test>
-    <file_test id="oval:org.mitre.oval:tst:9639" version="1" comment="The version of exmapi32.dll is less than 6.05.8069.0000 (64-Bit version of Windows)" check_existence="at_least_one_exists" check="all" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
-      <object object_ref="oval:org.mitre.oval:obj:6841"/>
-      <state state_ref="oval:org.mitre.oval:ste:4815"/>
-    </file_test>
-    <file_test id="oval:org.mitre.oval:tst:9502" version="1" comment="The version of cdoex.dll is less than 6.5.7654.12" check_existence="at_least_one_exists" check="all" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
-      <object object_ref="oval:org.mitre.oval:obj:513"/>
-      <state state_ref="oval:org.mitre.oval:ste:4651"/>
-    </file_test>
-    <file_test id="oval:org.mitre.oval:tst:9368" version="1" comment="The version of cdoex.dll is less than 8.01.0338.0000" check_existence="at_least_one_exists" check="all" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
-      <object object_ref="oval:org.mitre.oval:obj:513"/>
-      <state state_ref="oval:org.mitre.oval:ste:4685"/>
-    </file_test>
     <file_test id="oval:org.mitre.oval:tst:9147" version="2" comment="the version of es.dll is less than 2001.12.4720.3129" check_existence="at_least_one_exists" check="all" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
       <object object_ref="oval:org.mitre.oval:obj:6432"/>
       <state state_ref="oval:org.mitre.oval:ste:4354"/>
@@ -80709,10 +84205,6 @@
       <object object_ref="oval:org.mitre.oval:obj:389"/>
       <state state_ref="oval:org.mitre.oval:ste:857"/>
     </file_test>
-    <file_test id="oval:org.mitre.oval:tst:302" version="1" comment="the version of Llssrv.exe is less than 4.0.1381.7345" check_existence="at_least_one_exists" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
-      <object object_ref="oval:org.mitre.oval:obj:277"/>
-      <state state_ref="oval:org.mitre.oval:ste:296"/>
-    </file_test>
     <file_test id="oval:org.mitre.oval:tst:301" version="1" comment="the version of wins.exe is less than 4.0.1381.7329" check_existence="at_least_one_exists" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
       <object object_ref="oval:org.mitre.oval:obj:276"/>
       <state state_ref="oval:org.mitre.oval:ste:295"/>
@@ -80906,10 +84398,6 @@
       <object object_ref="oval:org.mitre.oval:obj:1711"/>
       <state state_ref="oval:org.mitre.oval:ste:2809"/>
     </file_test>
-    <file_test id="oval:org.mitre.oval:tst:2476" version="1" comment="the version of Llssrv.exe is less than 4.0.1381.33632" check_existence="at_least_one_exists" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
-      <object object_ref="oval:org.mitre.oval:obj:277"/>
-      <state state_ref="oval:org.mitre.oval:ste:2320"/>
-    </file_test>
     <file_test id="oval:org.mitre.oval:tst:2430" version="1" comment="the version of user32.dll is less than 4.0.1381.7177" check_existence="at_least_one_exists" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
       <object object_ref="oval:org.mitre.oval:obj:390"/>
       <state state_ref="oval:org.mitre.oval:ste:2277"/>
@@ -83174,10 +86662,6 @@
       <object object_ref="oval:org.mitre.oval:obj:223"/>
       <state state_ref="oval:org.mitre.oval:ste:3486"/>
     </file_test>
-    <file_test id="oval:org.mitre.oval:tst:513" version="1" check="at least one" comment="the version of Llssrv.exe is less than 5.0.2195.7021" check_existence="at_least_one_exists" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
-      <object object_ref="oval:org.mitre.oval:obj:277"/>
-      <state state_ref="oval:org.mitre.oval:ste:468"/>
-    </file_test>
     <file_test id="oval:org.mitre.oval:tst:3072" version="1" check="at least one" comment="the version of netman.dll is less than 5.0.2195.5974" check_existence="at_least_one_exists" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
       <object object_ref="oval:org.mitre.oval:obj:658"/>
       <state state_ref="oval:org.mitre.oval:ste:2877"/>
@@ -83416,18 +86900,6 @@
       <object object_ref="oval:org.mitre.oval:obj:253"/>
       <state state_ref="oval:org.mitre.oval:ste:386"/>
     </file_test>
-    <file_test id="oval:org.mitre.oval:tst:401" version="1" check="at least one" comment="the version of Llssrv.exe is less than 5.2.3790.242" check_existence="at_least_one_exists" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
-      <object object_ref="oval:org.mitre.oval:obj:277"/>
-      <state state_ref="oval:org.mitre.oval:ste:375"/>
-    </file_test>
-    <registry_test id="oval:org.mitre.oval:tst:2477" version="1" comment="the patch kb885834 is installed (Hotfix key)" check_existence="at_least_one_exists" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
-      <object object_ref="oval:org.mitre.oval:obj:1408"/>
-      <state state_ref="oval:org.mitre.oval:ste:2321"/>
-    </registry_test>
-    <registry_test id="oval:org.mitre.oval:tst:2475" version="1" comment="license logging service is enabled" check_existence="at_least_one_exists" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
-      <object object_ref="oval:org.mitre.oval:obj:1407"/>
-      <state state_ref="oval:org.mitre.oval:ste:2319"/>
-    </registry_test>
     <file_test id="oval:org.mitre.oval:tst:400" version="1" check="at least one" comment="the version of webvw.dll is less than 5.0.3900.7036" check_existence="at_least_one_exists" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
       <object object_ref="oval:org.mitre.oval:obj:357"/>
       <state state_ref="oval:org.mitre.oval:ste:374"/>
@@ -86491,6 +89963,12 @@
     <registry_test id="oval:org.mitre.oval:tst:2420" version="1" comment="Excel 2002 is installed" check_existence="at_least_one_exists" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
       <object object_ref="oval:org.mitre.oval:obj:1377"/>
     </registry_test>
+    <file_test id="oval:org.mitre.oval:tst:9880" version="1" comment="%ProgramFile%\Microsoft Office\OFFICE11\xlview.exe exists" check_existence="at_least_one_exists" check="all" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <object object_ref="oval:org.mitre.oval:obj:6945"/>
+    </file_test>
+    <file_test id="oval:org.mitre.oval:tst:9130" version="1" comment="Excel Viewer 2003 is installed." check_existence="at_least_one_exists" check="all" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <object object_ref="oval:org.mitre.oval:obj:6979"/>
+    </file_test>
     <file_test id="oval:org.mitre.oval:tst:61" version="1" comment="Excel Viewer is installed." check_existence="at_least_one_exists" check="all" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
       <object object_ref="oval:org.mitre.oval:obj:659"/>
     </file_test>
@@ -87431,34 +90909,73 @@
     </registry_test>
   </tests>
   <objects>
-    <registry_object id="oval:org.mitre.oval:obj:6714" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+    <registry_object id="oval:org.mitre.oval:obj:5997" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
       <hive>HKEY_LOCAL_MACHINE</hive>
-      <key>SOFTWARE\Microsoft\Microsoft SQL Server\90\DTS\Setup</key>
-      <name>Version</name>
+      <key>SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{0AC95D97-1B75-4AC7-B061-F21E379FF809}</key>
+      <name>VersionMajor</name>
     </registry_object>
-    <registry_object id="oval:org.mitre.oval:obj:6861" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+    <file_object id="oval:org.mitre.oval:obj:6918" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <path var_ref="oval:org.mitre.oval:var:721" var_check="all"/>
+      <filename>XLVIEW.EXE</filename>
+    </file_object>
+    <registry_object id="oval:org.mitre.oval:obj:6292" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
       <hive>HKEY_LOCAL_MACHINE</hive>
-      <key>SOFTWARE\Microsoft\Microsoft SQL Server\90\DTS\Setup</key>
-      <name>SP</name>
+      <key>SOFTWARE\Microsoft\Office\12.0\Common\InstallRoot</key>
+      <name>Path</name>
     </registry_object>
-    <file_object id="oval:org.mitre.oval:obj:6082" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
-      <path var_ref="oval:org.mitre.oval:var:939" var_check="all"/>
-      <filename>Msdtssrvr.exe</filename>
+    <file_object id="oval:org.mitre.oval:obj:6697" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <path var_ref="oval:org.mitre.oval:var:200" var_check="all"/>
+      <filename>Msdtcprx.dll</filename>
     </file_object>
-    <registry_object id="oval:org.mitre.oval:obj:6384" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+    <file_object id="oval:org.mitre.oval:obj:6810" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <path var_ref="oval:org.mitre.oval:var:200" var_check="all"/>
+      <filename>secur32.dll</filename>
+    </file_object>
+    <registry_object id="oval:org.mitre.oval:obj:6361" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
       <hive>HKEY_LOCAL_MACHINE</hive>
-      <key>SOFTWARE\Microsoft\Microsoft SQL Server\90\DTS\Setup</key>
-      <name>SQLPath</name>
+      <key>SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{DD4CEE59-5192-4CE1-8AFA-1CFA8EB37209}</key>
+      <name>VersionMajor</name>
     </registry_object>
-    <file_object id="oval:org.mitre.oval:obj:6668" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
-      <path var_ref="oval:org.mitre.oval:var:24" var_check="all"/>
-      <filename>Safari.exe</filename>
+    <file_object id="oval:org.mitre.oval:obj:6969" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <path var_ref="oval:org.mitre.oval:var:364" var_check="all"/>
+      <filename>wspsrv.exe</filename>
     </file_object>
-    <registry_object id="oval:org.mitre.oval:obj:6703" version="1" comment="The registry key that holds the location of the program files directory." xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+    <file_object id="oval:org.mitre.oval:obj:6159" version="1" comment="this will find side-by-side winhttp.dll" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <path operation="pattern match" var_ref="oval:org.mitre.oval:var:306" var_check="all"/>
+      <filename>winhttp.dll</filename>
+    </file_object>
+    <file_object id="oval:org.mitre.oval:obj:6928" version="1" comment="system32\winhttp.dll" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <path var_ref="oval:org.mitre.oval:var:200" var_check="all"/>
+      <filename>winhttp.dll</filename>
+    </file_object>
+    <file_object id="oval:org.mitre.oval:obj:6638" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <path var_ref="oval:org.mitre.oval:var:938" var_check="all"/>
+      <filename>opera.exe</filename>
+    </file_object>
+    <file_object id="oval:org.mitre.oval:obj:6743" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <path var_ref="oval:org.mitre.oval:var:858" var_check="all"/>
+      <filename>opera.exe</filename>
+    </file_object>
+    <registry_object id="oval:org.mitre.oval:obj:6871" version="1" comment="The registry key that holds the version of he wireshark." xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
       <hive>HKEY_LOCAL_MACHINE</hive>
-      <key>SOFTWARE\Apple Computer, Inc.\Safari</key>
-      <name>InstallDir</name>
+      <key>SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Wireshark</key>
+      <name>DisplayVersion</name>
     </registry_object>
+    <registry_object id="oval:org.mitre.oval:obj:6768" version="1" comment="The registry key that holds the version of the Thunderbird" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <hive>HKEY_LOCAL_MACHINE</hive>
+      <key>SOFTWARE\Mozilla\Mozilla Thunderbird</key>
+      <name>CurrentVersion</name>
+    </registry_object>
+    <registry_object id="oval:org.mitre.oval:obj:6886" version="1" comment="The registry key that holds the version of the Firefox" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <hive>HKEY_LOCAL_MACHINE</hive>
+      <key>SOFTWARE\Mozilla\Mozilla Firefox</key>
+      <name>CurrentVersion</name>
+    </registry_object>
+    <registry_object id="oval:org.mitre.oval:obj:6012" version="1" comment="The registry key that holds the version of the Seamonkey" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <hive>HKEY_LOCAL_MACHINE</hive>
+      <key>SOFTWARE\mozilla.org\Seamonkey</key>
+      <name>CurrentVersion</name>
+    </registry_object>
     <registry_object id="oval:org.mitre.oval:obj:6819" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
       <hive>HKEY_LOCAL_MACHINE</hive>
       <key var_ref="oval:org.mitre.oval:var:128" var_check="all"/>
@@ -87567,6 +91084,48 @@
       <key>SOFTWARE\Wow6432Node\Clients\Mail\ExchangeMAPI</key>
       <name>DLLPathEx</name>
     </registry_object>
+    <file_object id="oval:org.mitre.oval:obj:277" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <path var_ref="oval:org.mitre.oval:var:200" var_check="all"/>
+      <filename>llssrv.exe</filename>
+    </file_object>
+    <registry_object id="oval:org.mitre.oval:obj:1408" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <hive>HKEY_LOCAL_MACHINE</hive>
+      <key>SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB885834</key>
+      <name>Installed</name>
+    </registry_object>
+    <registry_object id="oval:org.mitre.oval:obj:1407" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <hive>HKEY_LOCAL_MACHINE</hive>
+      <key>SYSTEM\CurrentControlSet\Services\LicenseService</key>
+      <name>Start</name>
+    </registry_object>
+    <registry_object id="oval:org.mitre.oval:obj:6714" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <hive>HKEY_LOCAL_MACHINE</hive>
+      <key>SOFTWARE\Microsoft\Microsoft SQL Server\90\DTS\Setup</key>
+      <name>Version</name>
+    </registry_object>
+    <registry_object id="oval:org.mitre.oval:obj:6861" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <hive>HKEY_LOCAL_MACHINE</hive>
+      <key>SOFTWARE\Microsoft\Microsoft SQL Server\90\DTS\Setup</key>
+      <name>SP</name>
+    </registry_object>
+    <file_object id="oval:org.mitre.oval:obj:6082" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <path var_ref="oval:org.mitre.oval:var:939" var_check="all"/>
+      <filename>Msdtssrvr.exe</filename>
+    </file_object>
+    <registry_object id="oval:org.mitre.oval:obj:6384" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <hive>HKEY_LOCAL_MACHINE</hive>
+      <key>SOFTWARE\Microsoft\Microsoft SQL Server\90\DTS\Setup</key>
+      <name>SQLPath</name>
+    </registry_object>
+    <file_object id="oval:org.mitre.oval:obj:6668" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <path var_ref="oval:org.mitre.oval:var:24" var_check="all"/>
+      <filename>Safari.exe</filename>
+    </file_object>
+    <registry_object id="oval:org.mitre.oval:obj:6703" version="1" comment="The registry key that holds the location of the program files directory." xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <hive>HKEY_LOCAL_MACHINE</hive>
+      <key>SOFTWARE\Apple Computer, Inc.\Safari</key>
+      <name>InstallDir</name>
+    </registry_object>
     <file_object id="oval:org.mitre.oval:obj:6432" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
       <path var_ref="oval:org.mitre.oval:var:200" var_check="all"/>
       <filename>es.dll</filename>
@@ -89138,20 +92697,6 @@
       <key>SOFTWARE\Classes\ITSProtocol</key>
       <name xsi:nil="true"/>
     </registry_object>
-    <file_object id="oval:org.mitre.oval:obj:277" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
-      <path var_ref="oval:org.mitre.oval:var:200" var_check="all"/>
-      <filename>llssrv.exe</filename>
-    </file_object>
-    <registry_object id="oval:org.mitre.oval:obj:1408" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
-      <hive>HKEY_LOCAL_MACHINE</hive>
-      <key>SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB885834</key>
-      <name>Installed</name>
-    </registry_object>
-    <registry_object id="oval:org.mitre.oval:obj:1407" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
-      <hive>HKEY_LOCAL_MACHINE</hive>
-      <key>SYSTEM\CurrentControlSet\Services\LicenseService</key>
-      <name>Start</name>
-    </registry_object>
     <file_object id="oval:org.mitre.oval:obj:357" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
       <path var_ref="oval:org.mitre.oval:var:200" var_check="all"/>
       <filename>webvw.dll</filename>
@@ -90721,6 +94266,19 @@
       <key>SOFTWARE\Microsoft\Office\10.0\Excel\InstallRoot</key>
       <name xsi:nil="true"/>
     </registry_object>
+    <file_object id="oval:org.mitre.oval:obj:6945" version="1" comment="Full path to xlview.exe" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <path var_ref="oval:org.mitre.oval:var:107" var_check="all"/>
+      <filename>xlview.exe</filename>
+    </file_object>
+    <file_object id="oval:org.mitre.oval:obj:6979" version="1" comment="Full path to xlview.exe" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <path var_ref="oval:org.mitre.oval:var:894" var_check="only one"/>
+      <filename/>
+    </file_object>
+    <registry_object id="oval:org.mitre.oval:obj:6907" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <hive>HKEY_LOCAL_MACHINE</hive>
+      <key>SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B025EE03392B4E348B1A777F7A5DCE16</key>
+      <name>9040480900063D11C8EF10054038389C</name>
+    </registry_object>
     <registry_object id="oval:org.mitre.oval:obj:246" version="2" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
       <hive>HKEY_LOCAL_MACHINE</hive>
       <key operation="equals">SOFTWARE\Microsoft\Windows NT\CurrentVersion\Hotfix\KB834707</key>
@@ -91408,6 +94966,252 @@
     </registry_object>
   </objects>
   <states>
+    <registry_state id="oval:org.mitre.oval:ste:4454" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <value datatype="int">4</value>
+    </registry_state>
+    <file_state id="oval:org.mitre.oval:ste:4787" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <version datatype="version" operation="greater than or equal">4.0.3439.50</version>
+    </file_state>
+    <file_state id="oval:org.mitre.oval:ste:4999" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <version datatype="version" operation="less than">4.0.3445.909</version>
+    </file_state>
+    <file_state id="oval:org.mitre.oval:ste:4714" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <version datatype="version" operation="less than">4.0.2167.909</version>
+    </file_state>
+    <file_state id="oval:org.mitre.oval:ste:4946" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <version datatype="version" operation="greater than or equal">4.0.2161.50</version>
+    </file_state>
+    <file_state id="oval:org.mitre.oval:ste:4718" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <version datatype="version" operation="less than or equal">4.528.16.0</version>
+    </file_state>
+    <file_state id="oval:org.mitre.oval:ste:4757" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <version datatype="version" operation="less than">9.0.0.8977</version>
+    </file_state>
+    <file_state id="oval:org.mitre.oval:ste:4969" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <version datatype="version" operation="less than">11.0.8302.0</version>
+    </file_state>
+    <file_state id="oval:org.mitre.oval:ste:4456" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <version datatype="version" operation="less than">10.0.6852.0</version>
+    </file_state>
+    <file_state id="oval:org.mitre.oval:ste:4955" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <version datatype="version" operation="less than">12.0.6341.5001</version>
+    </file_state>
+    <file_state id="oval:org.mitre.oval:ste:4040" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <version datatype="version" operation="less than">2001.12.4720.3180</version>
+    </file_state>
+    <file_state id="oval:org.mitre.oval:ste:5008" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <version datatype="version" operation="less than">2001.12.4414.320</version>
+    </file_state>
+    <file_state id="oval:org.mitre.oval:ste:4963" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <version datatype="version" operation="less than">2000.2.3549.0</version>
+    </file_state>
+    <file_state id="oval:org.mitre.oval:ste:4377" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <version datatype="version" operation="less than">2001.12.6931.18085</version>
+    </file_state>
+    <file_state id="oval:org.mitre.oval:ste:4975" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <version datatype="version" operation="less than">2001.12.4720.4340</version>
+    </file_state>
+    <file_state id="oval:org.mitre.oval:ste:4623" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <version datatype="version" operation="less than">2001.12.6930.16697</version>
+    </file_state>
+    <file_state id="oval:org.mitre.oval:ste:4033" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <version datatype="version" operation="less than">2001.12.4414.706</version>
+    </file_state>
+    <file_state id="oval:org.mitre.oval:ste:5000" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <version datatype="version" operation="less than">5.2.3790.3129</version>
+    </file_state>
+    <file_state id="oval:org.mitre.oval:ste:4708" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <version datatype="version" operation="less than">5.1.2600.3355</version>
+    </file_state>
+    <file_state id="oval:org.mitre.oval:ste:5019" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <version datatype="version" operation="less than">5.0.2195.7155</version>
+    </file_state>
+    <file_state id="oval:org.mitre.oval:ste:4225" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <version datatype="version" operation="less than">5.2.3790.4282</version>
+    </file_state>
+    <file_state id="oval:org.mitre.oval:ste:4231" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <version datatype="version" operation="less than">5.1.2600.5584</version>
+    </file_state>
+    <file_state id="oval:org.mitre.oval:ste:5001" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <version datatype="version" operation="greater than or equal">6.0.6000.20000</version>
+    </file_state>
+    <file_state id="oval:org.mitre.oval:ste:4804" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <version datatype="version" operation="less than">5.1.2600.5781</version>
+    </file_state>
+    <file_state id="oval:org.mitre.oval:ste:4986" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <version datatype="version" operation="less than">6.0.6001.22376</version>
+    </file_state>
+    <file_state id="oval:org.mitre.oval:ste:5046" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <version datatype="version" operation="greater than or equal">6.0.6001.18000</version>
+    </file_state>
+    <file_state id="oval:org.mitre.oval:ste:4773" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <version datatype="version" operation="less than">5.2.3790.3311</version>
+    </file_state>
+    <file_state id="oval:org.mitre.oval:ste:4992" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <version datatype="version" operation="less than">6.0.6000.21010</version>
+    </file_state>
+    <file_state id="oval:org.mitre.oval:ste:4052" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <version datatype="version" operation="greater than or equal">6.0.6000.16000</version>
+    </file_state>
+    <file_state id="oval:org.mitre.oval:ste:4919" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <version datatype="version" operation="less than">5.0.2195.7244</version>
+    </file_state>
+    <file_state id="oval:org.mitre.oval:ste:4830" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <version datatype="version" operation="greater than or equal">6.0.6001.22000</version>
+    </file_state>
+    <file_state id="oval:org.mitre.oval:ste:4355" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <version datatype="version" operation="less than">5.2.3790.4480</version>
+    </file_state>
+    <file_state id="oval:org.mitre.oval:ste:5016" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <version datatype="version" operation="less than">6.0.6000.16820</version>
+    </file_state>
+    <file_state id="oval:org.mitre.oval:ste:4311" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <version datatype="version" operation="less than">5.1.2600.3541</version>
+    </file_state>
+    <file_state id="oval:org.mitre.oval:ste:4928" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <version datatype="version" operation="less than">6.0.6001.18215</version>
+    </file_state>
+    <registry_state id="oval:org.mitre.oval:ste:4222" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <value datatype="int">5</value>
+    </registry_state>
+    <file_state id="oval:org.mitre.oval:ste:4902" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <version datatype="version" operation="greater than or equal">5.0.5720.100</version>
+    </file_state>
+    <file_state id="oval:org.mitre.oval:ste:4704" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <version datatype="version" operation="less than">5.0.5721.261</version>
+    </file_state>
+    <file_state id="oval:org.mitre.oval:ste:4881" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <version datatype="version" operation="greater than or equal">5.0.5721.240</version>
+    </file_state>
+    <file_state id="oval:org.mitre.oval:ste:5045" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <version datatype="version" operation="less than">5.0.5720.172</version>
+    </file_state>
+    <file_state id="oval:org.mitre.oval:ste:4605" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <version datatype="version" operation="less than">5.0.5723.511</version>
+    </file_state>
+    <file_state id="oval:org.mitre.oval:ste:4934" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <version datatype="version" operation="greater than or equal">5.0.5723.493</version>
+    </file_state>
+    <file_state id="oval:org.mitre.oval:ste:4944" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <version datatype="version" operation="less than">2003.1100.8202.0</version>
+    </file_state>
+    <file_state id="oval:org.mitre.oval:ste:4860" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <version datatype="version" operation="less than">7.0.6000.16825</version>
+    </file_state>
+    <file_state id="oval:org.mitre.oval:ste:5022" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <version datatype="version" operation="less than">7.0.6000.21015</version>
+    </file_state>
+    <file_state id="oval:org.mitre.oval:ste:4954" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <version datatype="version" operation="less than">7.0.6000.16830</version>
+    </file_state>
+    <file_state id="oval:org.mitre.oval:ste:5037" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <version datatype="version" operation="less than">7.0.6001.18226</version>
+    </file_state>
+    <file_state id="oval:org.mitre.oval:ste:4733" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <version datatype="version" operation="less than">7.0.6000.21023</version>
+    </file_state>
+    <file_state id="oval:org.mitre.oval:ste:4988" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <version datatype="version" operation="less than">7.0.6001.22389</version>
+    </file_state>
+    <file_state id="oval:org.mitre.oval:ste:4941" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <version datatype="version" operation="less than">6.5.2600.3497</version>
+    </file_state>
+    <file_state id="oval:org.mitre.oval:ste:4686" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <version datatype="version" operation="less than">6.5.3790.3266</version>
+    </file_state>
+    <file_state id="oval:org.mitre.oval:ste:4877" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <version datatype="version" operation="less than">6.5.1.910</version>
+    </file_state>
+    <file_state id="oval:org.mitre.oval:ste:4269" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <version datatype="version" operation="less than">6.3.1.892</version>
+    </file_state>
+    <file_state id="oval:org.mitre.oval:ste:4970" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <version datatype="version" operation="less than">6.5.2600.5731</version>
+    </file_state>
+    <file_state id="oval:org.mitre.oval:ste:4947" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <version datatype="version" operation="less than">6.5.3790.4431</version>
+    </file_state>
+    <file_state id="oval:org.mitre.oval:ste:4508" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <version datatype="version" operation="less than">6.0.3790.4470</version>
+    </file_state>
+    <file_state id="oval:org.mitre.oval:ste:4326" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <version datatype="version" operation="less than">5.0.3874.1900</version>
+    </file_state>
+    <file_state id="oval:org.mitre.oval:ste:5002" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <version datatype="version" operation="less than">6.0.2900.3527</version>
+    </file_state>
+    <file_state id="oval:org.mitre.oval:ste:4681" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <version datatype="version" operation="less than">6.0.2800.1625</version>
+    </file_state>
+    <file_state id="oval:org.mitre.oval:ste:4692" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <version datatype="version" operation="less than">6.0.2900.5764</version>
+    </file_state>
+    <file_state id="oval:org.mitre.oval:ste:5035" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <version datatype="version" operation="less than">6.0.3790.3304</version>
+    </file_state>
+    <file_state id="oval:org.mitre.oval:ste:4791" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <version datatype="version" operation="less than">8.1.0.51</version>
+    </file_state>
+    <file_state id="oval:org.mitre.oval:ste:4887" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <version datatype="version" operation="less than">6.0.6000.16786</version>
+    </file_state>
+    <file_state id="oval:org.mitre.oval:ste:4741" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <version datatype="version" operation="less than">5.1.2600.3494</version>
+    </file_state>
+    <file_state id="oval:org.mitre.oval:ste:4889" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <version datatype="version" operation="less than">5.1.2600.3490</version>
+    </file_state>
+    <file_state id="oval:org.mitre.oval:ste:4507" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <version datatype="version" operation="less than">6.0.6001.18178</version>
+    </file_state>
+    <file_state id="oval:org.mitre.oval:ste:4778" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <version datatype="version" operation="less than">5.2.3790.4427</version>
+    </file_state>
+    <file_state id="oval:org.mitre.oval:ste:4483" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <version datatype="version" operation="less than">6.0.6000.20971</version>
+    </file_state>
+    <file_state id="oval:org.mitre.oval:ste:4730" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <version datatype="version" operation="less than">5.2.3790.3262</version>
+    </file_state>
+    <file_state id="oval:org.mitre.oval:ste:4242" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <version datatype="version" operation="less than">5.1.2600.5727</version>
+    </file_state>
+    <file_state id="oval:org.mitre.oval:ste:4729" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <version datatype="version" operation="less than">6.0.6001.22323</version>
+    </file_state>
+    <registry_state id="oval:org.mitre.oval:ste:4414" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <value datatype="version" operation="less than or equal">1.0.4</value>
+    </registry_state>
+    <file_state id="oval:org.mitre.oval:ste:4854" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <version datatype="version" operation="less than or equal">11.0.8227.0</version>
+    </file_state>
+    <file_state id="oval:org.mitre.oval:ste:4452" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <version datatype="version" operation="less than or equal">10.0.6842.0</version>
+    </file_state>
+    <file_state id="oval:org.mitre.oval:ste:4781" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <version datatype="version" operation="less than or equal">9.0.0.8969</version>
+    </file_state>
+    <file_state id="oval:org.mitre.oval:ste:4803" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <version datatype="version" operation="less than">9.64.10487.0</version>
+    </file_state>
+    <file_state id="oval:org.mitre.oval:ste:4655" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <version datatype="version" operation="less than or equal">4.528.16.0</version>
+    </file_state>
+    <file_state id="oval:org.mitre.oval:ste:4720" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <version datatype="version" operation="less than or equal">9.64.10487.0</version>
+    </file_state>
+    <registry_state id="oval:org.mitre.oval:ste:4447" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <value datatype="version" operation="less than or equal">1.0.6</value>
+    </registry_state>
+    <registry_state id="oval:org.mitre.oval:ste:4066" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <value operation="pattern match">^([01]\..*|2\.0\.0\.([01]?[0-9]|20)) .*</value>
+    </registry_state>
+    <registry_state id="oval:org.mitre.oval:ste:5010" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <value operation="pattern match">^([0-2]\..*|3.0.[0-6]) .*</value>
+    </registry_state>
+    <registry_state id="oval:org.mitre.oval:ste:4590" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <value operation="pattern match">^(1\.(0\.*|1\.(0?[0-9]|1[0-5]))) .*</value>
+    </registry_state>
     <file_state id="oval:org.mitre.oval:ste:4608" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
       <version datatype="version" operation="less than">5.2.3790.3281</version>
     </file_state>
@@ -91471,12 +95275,54 @@
     <file_state id="oval:org.mitre.oval:ste:4353" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
       <version datatype="version" operation="less than">5.0.2195.7251</version>
     </file_state>
-    <file_state id="oval:org.mitre.oval:ste:4718" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
-      <version datatype="version" operation="less than or equal">4.528.16.0</version>
+    <registry_state id="oval:org.mitre.oval:ste:4593" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <value datatype="int" operation="less than or equal">134283267</value>
+    </registry_state>
+    <registry_state id="oval:org.mitre.oval:ste:4648" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <value datatype="int">7</value>
+    </registry_state>
+    <registry_state id="oval:org.mitre.oval:ste:4649" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <value datatype="int">8</value>
+    </registry_state>
+    <registry_state id="oval:org.mitre.oval:ste:4387" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <value datatype="int">9</value>
+    </registry_state>
+    <registry_state id="oval:org.mitre.oval:ste:4772" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <value datatype="int" operation="less than or equal">117506048</value>
+    </registry_state>
+    <registry_state id="oval:org.mitre.oval:ste:4254" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <value datatype="int">150994944</value>
+    </registry_state>
+    <file_state id="oval:org.mitre.oval:ste:4769" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <version datatype="version" operation="less than">6.0.6620.9</version>
     </file_state>
-    <file_state id="oval:org.mitre.oval:ste:4791" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
-      <version datatype="version" operation="less than">8.1.0.51</version>
+    <file_state id="oval:org.mitre.oval:ste:4815" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <version datatype="version" operation="less than">6.05.8069.0000</version>
     </file_state>
+    <file_state id="oval:org.mitre.oval:ste:4651" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <version datatype="version" operation="less than">6.5.7654.12</version>
+    </file_state>
+    <file_state id="oval:org.mitre.oval:ste:4685" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <version datatype="version" operation="less than">8.01.0338.0000</version>
+    </file_state>
+    <file_state id="oval:org.mitre.oval:ste:2320" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <version datatype="version" operation="less than">4.0.1381.33632</version>
+    </file_state>
+    <file_state id="oval:org.mitre.oval:ste:296" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <version datatype="version" operation="less than">4.0.1381.7345</version>
+    </file_state>
+    <file_state id="oval:org.mitre.oval:ste:375" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <version datatype="version" operation="less than">5.2.3790.242</version>
+    </file_state>
+    <file_state id="oval:org.mitre.oval:ste:468" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <version datatype="version" operation="less than">5.0.2195.7021</version>
+    </file_state>
+    <registry_state id="oval:org.mitre.oval:ste:2321" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <value datatype="int">1</value>
+    </registry_state>
+    <registry_state id="oval:org.mitre.oval:ste:2319" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
+      <value operation="not equal" datatype="int">4</value>
+    </registry_state>
     <registry_state id="oval:org.mitre.oval:ste:4310" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
       <value datatype="version" operation="greater than">9.0.0.0</value>
     </registry_state>
@@ -91564,36 +95410,6 @@
     <file_state id="oval:org.mitre.oval:ste:4700" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
       <version datatype="version" operation="less than">7.0.6001.22355</version>
     </file_state>
-    <registry_state id="oval:org.mitre.oval:ste:4593" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
-      <value datatype="int" operation="less than or equal">134283267</value>
-    </registry_state>
-    <registry_state id="oval:org.mitre.oval:ste:4648" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
-      <value datatype="int">7</value>
-    </registry_state>
-    <registry_state id="oval:org.mitre.oval:ste:4649" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
-      <value datatype="int">8</value>
-    </registry_state>
-    <registry_state id="oval:org.mitre.oval:ste:4387" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
-      <value datatype="int">9</value>
-    </registry_state>
-    <registry_state id="oval:org.mitre.oval:ste:4772" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
-      <value datatype="int" operation="less than or equal">117506048</value>
-    </registry_state>
-    <registry_state id="oval:org.mitre.oval:ste:4254" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
-      <value datatype="int">150994944</value>
-    </registry_state>
-    <file_state id="oval:org.mitre.oval:ste:4769" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
-      <version datatype="version" operation="less than">6.0.6620.9</version>
-    </file_state>
-    <file_state id="oval:org.mitre.oval:ste:4815" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
-      <version datatype="version" operation="less than">6.05.8069.0000</version>
-    </file_state>
-    <file_state id="oval:org.mitre.oval:ste:4651" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
-      <version datatype="version" operation="less than">6.5.7654.12</version>
-    </file_state>
-    <file_state id="oval:org.mitre.oval:ste:4685" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
-      <version datatype="version" operation="less than">8.01.0338.0000</version>
-    </file_state>
     <file_state id="oval:org.mitre.oval:ste:4354" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
       <version datatype="version" operation="less than">2001.12.4720.3129</version>
     </file_state>
@@ -93212,9 +97028,6 @@
     <file_state id="oval:org.mitre.oval:ste:857" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
       <version datatype="version" operation="less than">4.0.1381.33598</version>
     </file_state>
-    <file_state id="oval:org.mitre.oval:ste:296" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
-      <version datatype="version" operation="less than">4.0.1381.7345</version>
-    </file_state>
     <file_state id="oval:org.mitre.oval:ste:295" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
       <version datatype="version" operation="less than">4.0.1381.7329</version>
     </file_state>
@@ -93353,9 +97166,6 @@
     <file_state id="oval:org.mitre.oval:ste:2809" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
       <version datatype="version" operation="less than">4.0.1381.7140</version>
     </file_state>
-    <file_state id="oval:org.mitre.oval:ste:2320" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
-      <version datatype="version" operation="less than">4.0.1381.33632</version>
-    </file_state>
     <file_state id="oval:org.mitre.oval:ste:2277" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
       <version datatype="version" operation="less than">4.0.1381.7177</version>
     </file_state>
@@ -94996,9 +98806,6 @@
     <file_state id="oval:org.mitre.oval:ste:3486" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
       <version datatype="version" operation="less than">5.1.2600.2696</version>
     </file_state>
-    <file_state id="oval:org.mitre.oval:ste:468" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
-      <version datatype="version" operation="less than">5.0.2195.7021</version>
-    </file_state>
     <file_state id="oval:org.mitre.oval:ste:2877" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
       <version datatype="version" operation="less than">5.0.2195.5974</version>
     </file_state>
@@ -95175,15 +98982,6 @@
     <file_state id="oval:org.mitre.oval:ste:386" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
       <version datatype="version" operation="less than">6.0.2600.151</version>
     </file_state>
-    <file_state id="oval:org.mitre.oval:ste:375" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
-      <version datatype="version" operation="less than">5.2.3790.242</version>
-    </file_state>
-    <registry_state id="oval:org.mitre.oval:ste:2321" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
-      <value datatype="int">1</value>
-    </registry_state>
-    <registry_state id="oval:org.mitre.oval:ste:2319" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
-      <value operation="not equal" datatype="int">4</value>
-    </registry_state>
     <file_state id="oval:org.mitre.oval:ste:374" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
       <version datatype="version" operation="less than">5.0.3900.7036</version>
     </file_state>
@@ -98006,18 +101804,35 @@
     </registry_state>
   </states>
   <variables>
-    <local_variable id="oval:org.mitre.oval:var:939" version="1" comment="SQL Server 2005 - DTS\Binn directory" datatype="string">
+    <local_variable id="oval:org.mitre.oval:var:721" version="1" comment="Office12 install folder" datatype="string">
+      <object_component item_field="value" object_ref="oval:org.mitre.oval:obj:6292"/>
+    </local_variable>
+    <local_variable id="oval:org.mitre.oval:var:364" version="1" comment="%Program Files%\Microsoft ISA Server directory" datatype="string">
       <concat>
-        <object_component item_field="value" object_ref="oval:org.mitre.oval:obj:6384"/>
-        <literal_component>\Binn</literal_component>
+        <object_component item_field="value" object_ref="oval:org.mitre.oval:obj:309"/>
+        <literal_component>\Microsoft ISA Server</literal_component>
       </concat>
     </local_variable>
-    <local_variable id="oval:org.mitre.oval:var:24" version="1" comment="Safari Directory" datatype="string">
+    <local_variable id="oval:org.mitre.oval:var:306" version="1" comment="WinHttp directory" datatype="string">
       <concat>
-        <object_component item_field="value" object_ref="oval:org.mitre.oval:obj:6703"/>
-        <literal_component>\</literal_component>
+        <escape_regex>
+          <object_component item_field="value" object_ref="oval:org.mitre.oval:obj:219"/>
+        </escape_regex>
+        <literal_component>\\WinSxS\\x86_Microsoft.Windows.WinHTTP_.+</literal_component>
       </concat>
     </local_variable>
+    <local_variable id="oval:org.mitre.oval:var:938" version="1" comment="Opera directory" datatype="string">
+      <concat>
+        <object_component item_field="value" object_ref="oval:org.mitre.oval:obj:309"/>
+        <literal_component>\opera</literal_component>
+      </concat>
+    </local_variable>
+    <local_variable id="oval:org.mitre.oval:var:858" version="1" comment="Opera directory" datatype="string">
+      <concat>
+        <object_component item_field="value" object_ref="oval:org.mitre.oval:obj:309"/>
+        <literal_component>\opera</literal_component>
+      </concat>
+    </local_variable>
     <local_variable id="oval:org.mitre.oval:var:172" version="1" comment="..." datatype="string">
       <concat>
         <literal_component>SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\</literal_component>
@@ -98060,6 +101875,18 @@
     <local_variable id="oval:org.mitre.oval:var:524" version="1" comment="HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Clients\Mail\ExchangeMAPI\\DLLPathEx" datatype="string">
       <object_component item_field="value" object_ref="oval:org.mitre.oval:obj:6377"/>
     </local_variable>
+    <local_variable id="oval:org.mitre.oval:var:939" version="1" comment="SQL Server 2005 - DTS\Binn directory" datatype="string">
+      <concat>
+        <object_component item_field="value" object_ref="oval:org.mitre.oval:obj:6384"/>
+        <literal_component>\Binn</literal_component>
+      </concat>
+    </local_variable>
+    <local_variable id="oval:org.mitre.oval:var:24" version="1" comment="Safari Directory" datatype="string">
+      <concat>
+        <object_component item_field="value" object_ref="oval:org.mitre.oval:obj:6703"/>
+        <literal_component>\</literal_component>
+      </concat>
+    </local_variable>
     <local_variable id="oval:org.mitre.oval:var:234" version="2" comment="..." datatype="string">
       <object_component item_field="value" object_ref="oval:org.mitre.oval:obj:719"/>
     </local_variable>
@@ -98206,12 +102033,6 @@
         <literal_component>\Microsoft Office\Office</literal_component>
       </concat>
     </local_variable>
-    <local_variable id="oval:org.mitre.oval:var:107" version="1" comment="Office11 folder in Program Files" datatype="string">
-      <concat>
-        <object_component item_field="value" object_ref="oval:org.mitre.oval:obj:309"/>
-        <literal_component>\Microsoft Office\Office11</literal_component>
-      </concat>
-    </local_variable>
     <local_variable id="oval:org.mitre.oval:var:621" version="1" comment="Office10 folder in Program Files" datatype="string">
       <concat>
         <object_component item_field="value" object_ref="oval:org.mitre.oval:obj:309"/>
@@ -98470,6 +102291,15 @@
         <literal_component>Reader\plug_ins</literal_component>
       </concat>
     </local_variable>
+    <local_variable id="oval:org.mitre.oval:var:107" version="1" comment="Office11 folder in Program Files" datatype="string">
+      <concat>
+        <object_component item_field="value" object_ref="oval:org.mitre.oval:obj:309"/>
+        <literal_component>\Microsoft Office\Office11</literal_component>
+      </concat>
+    </local_variable>
+    <local_variable id="oval:org.mitre.oval:var:894" version="1" comment="Excel Viewer install location" datatype="string">
+      <object_component item_field="value" object_ref="oval:org.mitre.oval:obj:6907"/>
+    </local_variable>
     <local_variable id="oval:org.mitre.oval:var:223" comment="..." version="1" datatype="string">
       <object_component item_field="value" object_ref="oval:org.mitre.oval:obj:524"/>
     </local_variable>



More information about the Openvas-commits mailing list