9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.973 High
EPSS
Percentile
99.9%
Name | ms12_027 |
---|---|
CVE | CVE-2012-0158 Exploit Pack |
VENDOR: Microsoft | |
Notes: |
You shoud manually start a Universal listener for this exploit.
The listener IP and PORT should be declared in the module configuration
dialog.
Tested on:
The Universal Windows version needs the target to have Word opened
for a few seconds before executing the file.
Usage:
Generate rtf file and send to target.
VersionsAffected: Office 2003 to Office 2010 SP1
Repeatability:
MSADV: MS12-027
References: http://technet.microsoft.com/en-us/security/bulletin/ms12-027
CVE Url: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-0158
Date public: 04/10/2012
CVSS: 9.3