Microsoft MSCOMCTL.OCX contains an unspecified vulnerability that allows for remote code execution, allowing an attacker to take complete control of an affected system under the context of the current user.

checkpoint_advisories 6

threatpost 30

thn 15

canvas 1

exploitdb 1

attackerkb 2

saint 4

openvas 2

fireeye 10

cve 1

packetstorm 1

cvelist 1

nessus 1

zdt 2

mskb 1

metasploit 1

prion 1

nvd 1

talosblog 1

malwarebytes 1

seebug 1

myhack58 2

carbonblack 1

securityvulns 1

securelist 1

ics 2

qualysblog 4

avleonov 1

checkpoint_advisories

MSCOMCTL.OCX Killbit: bdd1f04b-858b-11d1-b16a-00c0f0283628 (MS12-027; CVE-2012-0158)

2012-04-10 00:00:00

MSCOMCTL.OCX Killbit: 9181DC5F-E07D-418A-ACA6-8EEA1ECB8E9E (MS12-027; CVE-2012-0158)

2012-04-10 00:00:00

Microsoft Windows MSCOMCTL.OCX ActiveX Control Remote Code Execution - Ver2 (CVE-2012-0158)

2014-04-16 00:00:00

threatpost

NetTraveler Attackers Using PRISM Program as Bait

2013-06-18 10:00:42

Safe Targeted Espionage Campaign Borrows from Cybercriminals

2013-05-20 14:47:14

Tool Scans for RTF Files Spreading Malware in Targeted Attacks

2012-09-14 17:25:21

thn

Beware! Cyber Criminals may spoil your Valentine's Day

2014-02-10 22:26:00

Surveillance malware targets 350 high profile victims in 40 countries

2013-06-04 16:39:00

Terminator RAT became more sophisticated in recent APT attacks

2013-10-27 05:37:00

canvas

Immunity Canvas: MS12_027

2012-04-10 21:55:00

exploitdb

Microsoft Windows - MSCOMCTL ActiveX Buffer Overflow (MS12-027) (Metasploit)

2012-04-25 00:00:00

attackerkb

CVE-2012-0158

2012-04-10 00:00:00

Microsoft Windows TabStrip MSCOMCTL.OCX RCE Vulnerability

2012-08-15 00:00:00

saint

Microsoft Windows Common Controls MSCOMCTL.OCX Vulnerability

2012-04-12 00:00:00

Microsoft Windows Common Controls MSCOMCTL.OCX Vulnerability

2012-04-12 00:00:00

Microsoft Windows Common Controls MSCOMCTL.OCX Vulnerability

2012-04-12 00:00:00

openvas

Microsoft Windows Common Controls Remote Code Execution Vulnerability (2664258)

2012-04-11 00:00:00

Microsoft Windows Common Controls Remote Code Execution Vulnerability (2664258)

2012-04-11 00:00:00

fireeye

China-based Cyber Threat Group Uses Dropbox for Malware Communications and Targets Hong Kong Media Outlets

2015-12-01 08:00:00

APT Group Sends Spear Phishing Emails to Indian Government Officials

2016-06-03 01:30:00

APT Group Sends Spear Phishing Emails to Indian Government Officials

2016-06-03 01:30:00

cve

CVE-2012-0158

2012-04-10 21:55:01

packetstorm

MS12-027 MSCOMCTL ActiveX Buffer Overflow

2012-04-25 00:00:00

cvelist

CVE-2012-0158

2012-04-10 21:00:00

nessus

MS12-027: Vulnerability in Windows Common Controls Could Allow Remote Code Execution (2664258)

2012-04-11 00:00:00

zdt

MS12-027 - Office 2010 DEP/ASLR Bypass Exploit

2014-01-28 00:00:00

MS12-027 MSCOMCTL ActiveX Buffer Overflow

2012-04-25 00:00:00

mskb

MS12-027: Vulnerability in MSCOMCTL.OCX could allow Remote Code Execution: April 10, 2012

2012-04-10 00:00:00

metasploit

MS12-027 MSCOMCTL ActiveX Buffer Overflow

2012-04-23 20:59:25

prion

Design/Logic Flaw

2012-04-10 21:55:00

nvd

CVE-2012-0158

2012-04-10 21:55:01

talosblog

When combining exploits for added effect goes wrong

2017-08-14 09:55:00

malwarebytes

Chinese APT group targets India and Hong Kong using new variant of MgBot malware

2020-07-21 15:00:00

seebug

Microsoft Office 内存损坏漏洞(CVE-2015-1641)

2015-12-31 00:00:00

myhack58

Hand to hand teach you how to construct the office exploits EXP（fourth period）-bug warning-the black bar safety net

2016-12-03 00:00:00

The macro perspective of the office vulnerability, 2010-2018-a vulnerability warning-the black bar safety net

2019-06-13 00:00:00

carbonblack

Technical Analysis: Hackers Leveraging COVID-19 Pandemic to Launch Phishing Attacks, Fake Apps/Maps, Trojans, Backdoors, Cryptominers, Botnets & Ransomware

2020-03-19 20:48:06

securityvulns

Microsoft Windows multiple security vulnerabilities

2012-04-23 00:00:00

securelist

Cycldek: Bridging the (air) gap

2020-06-03 10:00:32

ics

Top 10 Routinely Exploited Vulnerabilities

2020-05-12 12:00:00

Potential for China Cyber Response to Heightened U.S.–China Tensions

2020-10-20 12:00:00

qualysblog

Top 19+ Vulnerability CVEs in Santa’s Dashboard Tracking

2019-12-27 18:01:22

Part 2: An In-Depth Look at the Latest Vulnerability Threat Landscape (Attackers’ Edition)

2023-07-18 13:38:53

Qualys Top 20 Most Exploited Vulnerabilities

2023-09-04 14:00:00

avleonov

September 2023: VM courses, Bahasa Indonesia, Russian Podcasts, Goodbye Tinkoff, MS Patch Tuesday, Qualys TOP 20, Linux, Forrester, GigaOm, R-Vision VM

2023-09-30 19:31:42

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS

0.974

Percentile

99.9%

JSON

Related for CISA-KEV-CVE-2012-0158