CVE-2012-2539
Microsoft Word Remote Code Execution Vulnerability
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
YesDecision
Descriptions
Microsoft Word 2003 SP3, 2007 SP2 and SP3, and 2010 SP1; Word Viewer; Office Compatibility Pack SP2 and SP3; and Office Web Apps 2010 SP1 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted RTF data, aka "Word RTF 'listoverridecount' Remote Code Execution Vulnerability."
Microsoft Word 2003 SP3, 2007 SP2 y SP3, y 2010 SP1; Word Viewer; Office Compatibility Pack SP2 y SP3; y Office Web Apps 2010 SP1 permiten a atacantes remotos ejecutar código de su elección o provocar una denegación de servicio (corrupción de memoria) a través de datos RTF modificados, alias "Word RTF 'listoverridecount' Remote Code Execution Vulnerability."
Microsoft Word allows attackers to execute remote code or cause a denial-of-service (DoS) via crafted RTF data.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2012-05-09 CVE Reserved
- 2012-12-12 CVE Published
- 2022-03-28 Exploited in Wild
- 2022-04-18 KEV Due Date
- 2024-08-06 CVE Updated
- 2024-11-07 EPSS Updated
- ---------- First Exploit
CWE
- CWE-787: Out-of-bounds Write
CAPEC
References (3)
URL | Tag | Source |
---|---|---|
http://www.us-cert.gov/cas/techalerts/TA12-346A.html | Third Party Advisory | |
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16073 | Broken Link |
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-079 | 2024-07-09 |
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Microsoft Search vendor "Microsoft" | Office Compatibility Pack Search vendor "Microsoft" for product "Office Compatibility Pack" | - | sp2 |
Affected
| ||||||
Microsoft Search vendor "Microsoft" | Office Compatibility Pack Search vendor "Microsoft" for product "Office Compatibility Pack" | - | sp3 |
Affected
| ||||||
Microsoft Search vendor "Microsoft" | Office Web Apps Search vendor "Microsoft" for product "Office Web Apps" | 2010 Search vendor "Microsoft" for product "Office Web Apps" and version "2010" | sp1 |
Affected
| ||||||
Microsoft Search vendor "Microsoft" | Office Word Viewer Search vendor "Microsoft" for product "Office Word Viewer" | - | - |
Affected
| ||||||
Microsoft Search vendor "Microsoft" | Sharepoint Server Search vendor "Microsoft" for product "Sharepoint Server" | 2010 Search vendor "Microsoft" for product "Sharepoint Server" and version "2010" | - |
Affected
| ||||||
Microsoft Search vendor "Microsoft" | Word Search vendor "Microsoft" for product "Word" | 2003 Search vendor "Microsoft" for product "Word" and version "2003" | sp3 |
Affected
| ||||||
Microsoft Search vendor "Microsoft" | Word Search vendor "Microsoft" for product "Word" | 2007 Search vendor "Microsoft" for product "Word" and version "2007" | sp2 |
Affected
| ||||||
Microsoft Search vendor "Microsoft" | Word Search vendor "Microsoft" for product "Word" | 2007 Search vendor "Microsoft" for product "Word" and version "2007" | sp3 |
Affected
| ||||||
Microsoft Search vendor "Microsoft" | Word Search vendor "Microsoft" for product "Word" | 2010 Search vendor "Microsoft" for product "Word" and version "2010" | sp1 |
Affected
|