Lucene search

[email protected]CVE-2012-1894

HistoryJul 10, 2012 - 9:55 p.m.

CVE-2012-1894

2012-07-1021:55:06

CWE-264

[email protected]

web.nvd.nist.gov

microsoft

office

mac

2011

vulnerability

privilege escalation

exploit

security

6.9 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

6.5 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

29.0%

JSON

Microsoft Office for Mac 2011 uses world-writable permissions for the “Applications/Microsoft Office 2011/” directory and certain other directories, which allows local users to gain privileges by placing a Trojan horse executable file in one of these directories, aka “Office for Mac Improper Folder Permissions Vulnerability.”

Affected configurations

NVD

Node

microsoftofficeMatch2011mac

CPENameOperatorVersion
microsoft:officemicrosoft officeeq2011

CPE	Name	Operator	Version
microsoft:office	microsoft office	eq	2011

References

www.us-cert.gov/cas/techalerts/TA12-192A.html

docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-051

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15602

6.9 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

6.5 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

29.0%

JSON

Related for CVE-2012-1894

openvas2 mskb1 nessus1 nvd1 seebug1 prion1 cvelist1 securityvulns1