Vulnerabilities > CVE-2012-2539 - Out-of-bounds Write vulnerability in Microsoft products

047910
CVSS 7.8 - HIGH
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH
local
low complexity
microsoft
CWE-787
nessus
NVD
Published: 2012-12-12
Updated: 2024-07-09

Summary

Microsoft Word 2003 SP3, 2007 SP2 and SP3, and 2010 SP1; Word Viewer; Office Compatibility Pack SP2 and SP3; and Office Web Apps 2010 SP1 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted RTF data, aka "Word RTF 'listoverridecount' Remote Code Execution Vulnerability."

Vulnerable Configurations

Part Description Count
Application
Microsoft
9

Common Weakness Enumeration (CWE)

Msbulletin

bulletin_idMS12-079
bulletin_url
date2012-12-11T00:00:00
impactRemote Code Execution
knowledgebase_id2780642
knowledgebase_url
severityCritical
titleVulnerability in Microsoft Word Could Allow Remote Code Execution

Nessus

NASL familyWindows : Microsoft Bulletins
NASL idSMB_NT_MS12-079.NASL
descriptionThe version of Office, Office Compatibility Pack, Microsoft Word Viewer, Microsoft Office Web Apps, and/or Microsoft Share Point Server installed on the remote host has a remote code execution vulnerability. This is due to the way that Microsoft Office software parses RTF data and could allow an attacker to execute arbitrary code by tricking a user into opening a specially crafted RTF file.
last seen2020-06-01
modified2020-06-02
plugin id63226
published2012-12-11
reporterThis script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
sourcehttps://www.tenable.com/plugins/nessus/63226
titleMS12-079: Vulnerability in Microsoft Word Could Allow Remote Code Execution (2780642)

Oval

accepted2014-06-30T04:05:58.092-04:00
classvulnerability
contributors
  • nameSecPod Team
    organizationSecPod Technologies
  • nameSergey Artykhov
    organizationALTX-SOFT
  • nameDragos Prisaca
    organizationG2, Inc.
  • nameMaria Kedovskaya
    organizationALTX-SOFT
  • nameMaria Kedovskaya
    organizationALTX-SOFT
  • nameMaria Kedovskaya
    organizationALTX-SOFT
  • nameMaria Mikhno
    organizationALTX-SOFT
definition_extensions
  • commentMicrosoft Word 2003 SP3 is installed
    ovaloval:org.mitre.oval:def:15863
  • commentMicrosoft Word 2007 SP2 is installed
    ovaloval:org.mitre.oval:def:15826
  • commentMicrosoft Word 2007 SP3 is installed
    ovaloval:org.mitre.oval:def:15946
  • commentMicrosoft Word 2010 SP1 is installed
    ovaloval:org.mitre.oval:def:14953
  • commentMicrosoft Word Viewer is installed
    ovaloval:org.mitre.oval:def:737
  • commentMicrosoft Office Compatibility Pack SP2 is installed
    ovaloval:org.mitre.oval:def:15640
  • commentMicrosoft Office Compatibility Pack SP3 is installed
    ovaloval:org.mitre.oval:def:15035
  • commentMicrosoft Office Web Apps 2010 Service Pack 1 is installed
    ovaloval:org.mitre.oval:def:15860
  • commentMicrosoft SharePoint Server 2010 Service Pack 1 is installed
    ovaloval:org.mitre.oval:def:15614
descriptionMicrosoft Word 2003 SP3, 2007 SP2 and SP3, and 2010 SP1; Word Viewer; Office Compatibility Pack SP2 and SP3; and Office Web Apps 2010 SP1 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted RTF data, aka "Word RTF 'listoverridecount' Remote Code Execution Vulnerability."
familywindows
idoval:org.mitre.oval:def:16073
statusaccepted
submitted2012-12-12T09:41:18
titleWord RTF 'listoverridecount' Remote Code Execution Vulnerability - MS12-079
version35

Seebug

bulletinFamilyexploit
descriptionBUGTRAQ ID: 56834 CVE(CAN) ID: CVE-2012-2539 Microsoft Word 属于办公软件是微软公司的一个文字处理器应用程序。 Microsoft Word 在解析listoverridecount相关的RTF(Rich Text Format)数据时存在漏洞。通过诱使用户浏览恶意网站或在e-mail邮件中打开特定格式的rtf文件,未经身份验证的远程攻击者可利用此漏洞以当前用户权限执行任意代码。 0 Microsoft Office 2003 Professional Edition Microsoft Office Word Viewer Microsoft Office Web Apps Microsoft Office Compatibility Pack for Word, Microsoft Office 2010 Microsoft Office 2007 Microsoft Office 2003 Student and Teacher Edi Microsoft Office 2003 Standard Edition Microsoft Office 2003 Small Business Edition Microsoft SharePoint Server 2010 临时解决方法: * 以纯文本形式读取电子邮件。 * 使用Microsoft Office File Block策略阻止打开未知或可疑源和位置的RTF文档。 厂商补丁: Microsoft --------- Microsoft已经为此发布了一个安全公告(MS12-079)以及相应补丁: MS12-079:Vulnerability in Microsoft Word Could Allow Remote Code Execution (2780642) 链接:http://www.microsoft.com/technet/security/bulletin/MS12-079.mspx 补丁下载:http://update.microsoft.com/
idSSV:60511
last seen2017-11-19
modified2012-12-13
published2012-12-13
reporterRoot
titleMicrosoft Word RTF File 'listoverridecount'远程代码执行漏洞(MS12-079)

References