Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2012-2528
HistoryOct 09, 2012 - 9:55 p.m.

CVE-2012-2528

2012-10-0921:55:02
CWE-399
[email protected]
web.nvd.nist.gov
5

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

7.4

Confidence

Low

EPSS

0.908

Percentile

98.9%

JSON

Use-after-free vulnerability in Microsoft Word 2003 SP3, 2007 SP2 and SP3, and 2010 SP1; Word Viewer; Office Compatibility Pack SP2 and SP3; Word Automation Services on Microsoft SharePoint Server 2010; and Office Web Apps 2010 SP1 allows remote attackers to execute arbitrary code via a crafted RTF document, aka β€œRTF File listid Use-After-Free Vulnerability.”

Affected configurations

Nvd
Node
microsoftword_automation_servicesMatch-
AND
microsoftsharepoint_serverMatch2010
Node
microsoftoffice_compatibility_packsp2
OR
microsoftoffice_compatibility_packsp3
OR
microsoftoffice_web_appsMatch2010sp1
OR
microsoftwordMatch2003sp3
OR
microsoftwordMatch2007sp2
OR
microsoftwordMatch2007sp3
OR
microsoftwordMatch2010sp1
OR
microsoftword_viewer
VendorProductVersionCPE
microsoftword_automation_services-cpe:2.3:a:microsoft:word_automation_services:-:*:*:*:*:*:*:*
microsoftsharepoint_server2010cpe:2.3:a:microsoft:sharepoint_server:2010:*:*:*:*:*:*:*
microsoftoffice_compatibility_pack*cpe:2.3:a:microsoft:office_compatibility_pack:*:sp2:*:*:*:*:*:*
microsoftoffice_compatibility_pack*cpe:2.3:a:microsoft:office_compatibility_pack:*:sp3:*:*:*:*:*:*
microsoftoffice_web_apps2010cpe:2.3:a:microsoft:office_web_apps:2010:sp1:*:*:*:*:*:*
microsoftword2003cpe:2.3:a:microsoft:word:2003:sp3:*:*:*:*:*:*
microsoftword2007cpe:2.3:a:microsoft:word:2007:sp2:*:*:*:*:*:*
microsoftword2007cpe:2.3:a:microsoft:word:2007:sp3:*:*:*:*:*:*
microsoftword2010cpe:2.3:a:microsoft:word:2010:sp1:*:*:*:*:*:*
microsoftword_viewer*cpe:2.3:a:microsoft:word_viewer:*:*:*:*:*:*:*:*

Related

seebug 1
checkpoint_advisories 2
cvelist 1
prion 1
cve 1
mskb 1
securityvulns 1
openvas 1
nessus 1
seebug
seebug
Microsoft Word RTFζ–‡δ»Άι‡Šζ”ΎεŽι‡η”¨θΏœη¨‹δ»£η ζ‰§θ‘ŒζΌζ΄žοΌˆMS12-064οΌ‰
2012-10-11 00:00:00
checkpoint_advisories
checkpoint_advisories
Microsoft Office RTF File listid Use-After-Free Code Execution (MS12-064; CVE-2012-2528)
2012-10-09 00:00:00
Microsoft Office RTF File listid Use-After-Free - Ver2 (CVE-2012-2528)
2014-03-31 00:00:00
cvelist
cvelist
CVE-2012-2528
2012-10-09 21:00:00
prion
prion
Design/Logic Flaw
2012-10-09 21:55:00
cve
cve
CVE-2012-2528
2012-10-09 21:55:02
mskb
mskb
MS12-064: Vulnerabilities in Microsoft Word could allow remote code execution: October 9, 2012
2012-10-09 00:00:00
securityvulns
securityvulns
Microsoft Word security vulnerabilities
2012-10-09 00:00:00
openvas
openvas
Microsoft Office Word Remote Code Execution Vulnerabilities (2742319)
2012-10-10 00:00:00
nessus
nessus
MS12-064: Vulnerabilities in Microsoft Word Could Allow Remote Code Execution (2742319)
2012-10-10 00:00:00

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

7.4

Confidence

Low

EPSS

0.908

Percentile

98.9%

JSON
Related for NVD:CVE-2012-2528
seebug1checkpoint_advisories2cvelist1prion1cve1mskb1securityvulns1openvas1nessus1