CVE-2012-0183

Microsoft Word 2003 SP3 and 2007 SP2 and SP3, Office 2008 and 2011 for Mac, and Office Compatibility Pack SP2 and SP3 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted RTF data, aka "RTF Mismatch Vulnerability."

CVSS v2.0 9.3 HIGH

9.3^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:M/Au:N/C:C/I:C/A:C

Exploitability : 8.6 / Impact : 10.0

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://secunia.com/advisories/49111
http://www.securityfocus.com/bid/53344
http://www.securitytracker.com/id?1027035
http://www.us-cert.gov/cas/techalerts/TA12-129A.html	US Government Resource
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-029
https://exchange.xforce.ibmcloud.com/vulnerabilities/75122
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15327

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:microsoft:office:2008::mac:::::
	cpe:2.3:a:microsoft:office_compatibility_pack::sp2::::::*
	cpe:2.3:a:microsoft:office_compatibility_pack::sp3::::::*
	cpe:2.3:a:microsoft:word:2003:sp3::::::
	cpe:2.3:a:microsoft:word:2007:sp2::::::
	cpe:2.3:a:microsoft:word:2007:sp3::::::

History

No history.

Information

Published : 2012-05-09 00:55

Updated : 2024-02-04 18:16

NVD link : CVE-2012-0183

Mitre link : CVE-2012-0183

CVE.ORG link : CVE-2012-0183

JSON object : View

Products Affected

microsoft

office_compatibility_pack
office
word

CWE

NVD-CWE-Other

{"id": "CVE-2012-0183", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 9.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "MEDIUM", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}]}, "published": "2012-05-09T00:55:01.867", "references": [{"url": "http://secunia.com/advisories/49111", "source": "secure@microsoft.com"}, {"url": "http://www.securityfocus.com/bid/53344", "source": "secure@microsoft.com"}, {"url": "http://www.securitytracker.com/id?1027035", "source": "secure@microsoft.com"}, {"url": "http://www.us-cert.gov/cas/techalerts/TA12-129A.html", "tags": ["US Government Resource"], "source": "secure@microsoft.com"}, {"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-029", "source": "secure@microsoft.com"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75122", "source": "secure@microsoft.com"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15327", "source": "secure@microsoft.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "Microsoft Word 2003 SP3 and 2007 SP2 and SP3, Office 2008 and 2011 for Mac, and Office Compatibility Pack SP2 and SP3 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted RTF data, aka \"RTF Mismatch Vulnerability.\""}, {"lang": "es", "value": "Microsoft Word 2003 SP3 y 2007 SP2 y SP3, Office 2008 y 2011 para Mac, y Office Compatibility Pack SP2 y SP3 permite a atacantes remotos ejecutar c\u00f3digo arbitrario o causar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) mediante datos RTF manipulados, tambi\u00e9n conocido como \"Vulnerabilidad RTF\""}], "lastModified": "2018-10-12T22:02:24.370", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:microsoft:office:2008:*:mac:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5BA91840-371C-4282-9F7F-B393F785D260"}, {"criteria": "cpe:2.3:a:microsoft:office_compatibility_pack:*:sp2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AED6C159-CD2C-436B-99BC-00E79A685D44"}, {"criteria": "cpe:2.3:a:microsoft:office_compatibility_pack:*:sp3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "44BC7B7B-7191-431C-8CAE-83B3F0EFF03E"}, {"criteria": "cpe:2.3:a:microsoft:word:2003:sp3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "80F8E09E-E7F7-4D86-B140-3933EDC54E1C"}, {"criteria": "cpe:2.3:a:microsoft:word:2007:sp2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "262BC12C-246A-41AB-A08D-3D205156F074"}, {"criteria": "cpe:2.3:a:microsoft:word:2007:sp3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7D006508-BFB0-4F21-A361-3DA644F51D8A"}], "operator": "OR"}]}], "sourceIdentifier": "secure@microsoft.com"}