Microsoft Office Remote Code Execution Vulnerability (3017349) - wrong qod_type

2014/gb_ms_office_ms14-082.nasl has

script_tag(name:"qod_type", value:"registry");

but despite the tag the nvt rather appears to check for a dll file and not for an actual registry key

dllVer = fetch_file_version(sysPath:sysPath, file_name:"system32\fm20.dll");

Would be also nice to get the usual version

Installed version: xxx
Fixed version:     xxx

output then to be able to comprehend/verify the result.

1 Like

Thanks a lot for this notification.

While there is normally not much work put into such old single VTs (this is nearly 8 years old) expect for fixing any false positives i still have created an internal task for the responsible team working on this topic to review the suggestion.