ID |
CVE-2012-0183
|
Summary |
Microsoft Word 2003 SP3 and 2007 SP2 and SP3, Office 2008 and 2011 for Mac, and Office Compatibility Pack SP2 and SP3 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted RTF data, aka "RTF Mismatch Vulnerability." |
References |
|
Vulnerable Configurations |
-
cpe:2.3:a:microsoft:office:2008:*:mac:*:*:*:*:*
cpe:2.3:a:microsoft:office:2008:*:mac:*:*:*:*:*
-
cpe:2.3:a:microsoft:office_compatibility_pack:*:sp2:*:*:*:*:*:*
cpe:2.3:a:microsoft:office_compatibility_pack:*:sp2:*:*:*:*:*:*
-
cpe:2.3:a:microsoft:office_compatibility_pack:*:sp3:*:*:*:*:*:*
cpe:2.3:a:microsoft:office_compatibility_pack:*:sp3:*:*:*:*:*:*
-
cpe:2.3:a:microsoft:word:2003:sp3:*:*:*:*:*:*
cpe:2.3:a:microsoft:word:2003:sp3:*:*:*:*:*:*
-
cpe:2.3:a:microsoft:word:2007:sp2:*:*:*:*:*:*
cpe:2.3:a:microsoft:word:2007:sp2:*:*:*:*:*:*
-
cpe:2.3:a:microsoft:word:2007:sp3:*:*:*:*:*:*
cpe:2.3:a:microsoft:word:2007:sp3:*:*:*:*:*:*
|
CVSS |
Base: | 9.3 (as of 12-10-2018 - 22:02) |
Impact: | |
Exploitability: | |
|
CWE |
NVD-CWE-Other |
CAPEC |
|
Access |
Vector | Complexity | Authentication |
NETWORK |
MEDIUM |
NONE |
|
Impact |
Confidentiality | Integrity | Availability |
COMPLETE |
COMPLETE |
COMPLETE |
|
cvss-vector
via4
|
AV:N/AC:M/Au:N/C:C/I:C/A:C
|
msbulletin
via4
|
bulletin_id | MS12-029 | bulletin_url | | date | 2012-05-08T00:00:00 | impact | Remote Code Execution | knowledgebase_id | 2680352 | knowledgebase_url | | severity | Critical | title | Vulnerability in Microsoft Word Could Allow Remote Code Execution |
|
oval
via4
|
accepted | 2014-06-30T04:05:40.358-04:00 | class | vulnerability | contributors | name | Josh Turpin | organization | Symantec Corporation |
name | Josh Turpin | organization | Symantec Corporation |
name | Maria Mikhno | organization | ALTX-SOFT |
| definition_extensions | comment | Microsoft Word 2003 is installed | oval | oval:org.mitre.oval:def:475 |
comment | Microsoft Word 2007 is installed | oval | oval:org.mitre.oval:def:2074 |
comment | Microsoft Office Compatibility Pack is installed | oval | oval:org.mitre.oval:def:1853 |
| description | Microsoft Word 2003 SP3 and 2007 SP2 and SP3, Office 2008 and 2011 for Mac, and Office Compatibility Pack SP2 and SP3 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted RTF data, aka "RTF Mismatch Vulnerability." | family | windows | id | oval:org.mitre.oval:def:15327 | status | accepted | submitted | 2012-05-08T13:00:00 | title | RTF Mismatch Vulnerability | version | 22 |
|
refmap
via4
|
bid | 53344 | cert | TA12-129A | sectrack | 1027035 | secunia | 49111 | xf | microsoft-office-rtf-code-execution(75122) |
|
Last major update |
12-10-2018 - 22:02 |
Published |
09-05-2012 - 00:55 |
Last modified |
12-10-2018 - 22:02 |