Vulnerabilities > CVE-2012-2528 - Resource Management Errors vulnerability in Microsoft products

047910
CVSS 9.3 - CRITICAL
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
COMPLETE
Integrity impact
COMPLETE
Availability impact
COMPLETE
network
microsoft
CWE-399
critical
nessus
NVD
Published: 2012-10-09
Updated: 2018-10-12

Summary

Use-after-free vulnerability in Microsoft Word 2003 SP3, 2007 SP2 and SP3, and 2010 SP1; Word Viewer; Office Compatibility Pack SP2 and SP3; Word Automation Services on Microsoft SharePoint Server 2010; and Office Web Apps 2010 SP1 allows remote attackers to execute arbitrary code via a crafted RTF document, aka "RTF File listid Use-After-Free Vulnerability."

Vulnerable Configurations

Part Description Count
Application
Microsoft
10

Common Weakness Enumeration (CWE)

Msbulletin

bulletin_idMS12-064
bulletin_url
date2012-10-09T00:00:00
impactRemote Code Execution
knowledgebase_id2742319
knowledgebase_url
severityCritical
titleVulnerabilities in Microsoft Word Could Allow Remote Code Execution

Nessus

NASL familyWindows : Microsoft Bulletins
NASL idSMB_NT_MS12-064.NASL
descriptionThe version of Office, Office Compatibility Pack, Microsoft Word Viewer, Microsoft Office Web Apps, and/or Microsoft Share Point Server installed on the remote host is affected by multiple remote code execution vulnerabilities : - A flaw in the way Microsoft Word handles Word files can allow an attacker to execute arbitrary code by tricking a user into opening a specially crafted Word file. (CVE-2012-0182) - A flaw in the way Microsoft Office handles RTF files can be exploited to execute arbitrary code by tricking a user into opening a specially crafted RTF document. (CVE-2012-2528)
last seen2020-06-01
modified2020-06-02
plugin id62459
published2012-10-10
reporterThis script is Copyright (C) 2012-2018 Tenable Network Security, Inc.
sourcehttps://www.tenable.com/plugins/nessus/62459
titleMS12-064: Vulnerabilities in Microsoft Word Could Allow Remote Code Execution (2742319)

Oval

accepted2014-06-30T04:05:56.636-04:00
classvulnerability
contributors
  • nameSecPod Team
    organizationSecPod Technologies
  • nameSergey Artykhov
    organizationALTX-SOFT
  • nameMaria Kedovskaya
    organizationALTX-SOFT
  • nameDragos Prisaca
    organizationG2, Inc.
  • nameMaria Kedovskaya
    organizationALTX-SOFT
  • nameMaria Kedovskaya
    organizationALTX-SOFT
  • nameMaria Kedovskaya
    organizationALTX-SOFT
  • nameMaria Mikhno
    organizationALTX-SOFT
definition_extensions
  • commentMicrosoft Word 2003 is installed
    ovaloval:org.mitre.oval:def:475
  • commentMicrosoft Word 2007 SP2 is installed
    ovaloval:org.mitre.oval:def:15826
  • commentMicrosoft Word 2007 SP3 is installed
    ovaloval:org.mitre.oval:def:15946
  • commentMicrosoft Office Compatibility Pack SP2 is installed
    ovaloval:org.mitre.oval:def:15640
  • commentMicrosoft Office Compatibility Pack SP3 is installed
    ovaloval:org.mitre.oval:def:15035
  • commentMicrosoft SharePoint Server 2010 Service Pack 1 is installed
    ovaloval:org.mitre.oval:def:15614
  • commentMicrosoft Office Web Apps 2010 Service Pack 1 is installed
    ovaloval:org.mitre.oval:def:15860
  • commentMicrosoft Word 2010 SP1 is installed
    ovaloval:org.mitre.oval:def:14953
  • commentMicrosoft Word 2003 SP3 is installed
    ovaloval:org.mitre.oval:def:15863
descriptionUse-after-free vulnerability in Microsoft Word 2003 SP3, 2007 SP2 and SP3, and 2010 SP1; Word Viewer; Office Compatibility Pack SP2 and SP3; Word Automation Services on Microsoft SharePoint Server 2010; and Office Web Apps 2010 SP1 allows remote attackers to execute arbitrary code via a crafted RTF document, aka "RTF File listid Use-After-Free Vulnerability."
familywindows
idoval:org.mitre.oval:def:15680
statusaccepted
submitted2012-10-17T10:23:14
titleRTF File listid Use-After-Free Vulnerability - MS12-064
version37

Seebug

bulletinFamilyexploit
descriptionBUGTRAQ ID: 55781 CVE(CAN) ID: CVE-2012-2528 Microsoft Word属于办公软件是微软公司的一个文字处理器应用程序。 Microsoft Office处理特制RTF文件时存在远程代码执行漏洞,成功利用此漏洞的攻击者可完全控制受影响系统。 0 Microsoft Word 2010 Microsoft Word 2007 Microsoft Word 2003 Microsoft Office SharePoint Server 2010 Microsoft Office Web Apps 2010 SP1 Microsoft Office Web Apps 2010 0 Microsoft Office Compatibility Pack SP3 Microsoft Office Compatibility Pack SP2 临时解决方法: 如果您不能立刻安装补丁或者升级,建议您采取以下措施以降低威胁: * 以纯文本方式读取电子邮件 * 使用Microsoft Office File Block策略阻止打开来自未知或可疑源和位置的RTF文档。 厂商补丁: Microsoft --------- Microsoft已经为此发布了一个安全公告(MS12-064)以及相应补丁: MS12-064:Vulnerabilities in Microsoft Word Could Allow Remote Code Execution (2742319) 链接:http://www.microsoft.com/technet/security/bulletin/MS12-064.asp
idSSV:60428
last seen2017-11-19
modified2012-10-11
published2012-10-11
reporterRoot
titleMicrosoft Word RTF文件释放后重用远程代码执行漏洞(MS12-064)

References