Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
canvasImmunity CanvasMS12_027
HistoryApr 10, 2012 - 9:55 p.m.

Immunity Canvas: MS12_027

2012-04-1021:55:00
Immunity Canvas
exploitlist.immunityinc.com
162

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.973 High

EPSS

Percentile

99.9%

JSON
Name ms12_027
CVE CVE-2012-0158 Exploit Pack
VENDOR: Microsoft
Notes:

You shoud manually start a Universal listener for this exploit.
The listener IP and PORT should be declared in the module configuration
dialog.

Tested on:

  • Windows XP Professional SP3 English with Office 2010 Standard
  • Windows 7 English.

The Universal Windows version needs the target to have Word opened
for a few seconds before executing the file.

Usage:
Generate rtf file and send to target.

VersionsAffected: Office 2003 to Office 2010 SP1
Repeatability:
MSADV: MS12-027
References: http://technet.microsoft.com/en-us/security/bulletin/ms12-027
CVE Url: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-0158
Date public: 04/10/2012
CVSS: 9.3

Related

checkpoint_advisories 6
threatpost 30
thn 15
attackerkb 2
fireeye 10
saint 4
openvas 2
cve 1
prion 1
mskb 1
packetstorm 1
nessus 1
cisa_kev 1
malwarebytes 1
seebug 1
myhack58 2
talosblog 1
carbonblack 1
securityvulns 1
securelist 1
ics 2
qualysblog 4
avleonov 1
checkpoint_advisories
checkpoint_advisories
MSCOMCTL.OCX Killbit: bdd1f04b-858b-11d1-b16a-00c0f0283628 (MS12-027; CVE-2012-0158)
2012-04-10 00:00:00
Microsoft MSCOMCTL.OCX ActiveX Control Remote Code Execution (MS12-027; CVE-2012-0158)
2012-04-10 00:00:00
Microsoft Windows MSCOMCTL.OCX ActiveX Control Remote Code Execution - Ver2 (CVE-2012-0158)
2014-04-16 00:00:00
threatpost
threatpost
Safe Targeted Espionage Campaign Borrows from Cybercriminals
2013-05-20 14:47:14
NetTraveler Attackers Using PRISM Program as Bait
2013-06-18 10:00:42
Tool Scans for RTF Files Spreading Malware in Targeted Attacks
2012-09-14 17:25:21
thn
thn
Surveillance malware targets 350 high profile victims in 40 countries
2013-06-04 16:39:00
Terminator RAT became more sophisticated in recent APT attacks
2013-10-27 05:37:00
Beware! Cyber Criminals may spoil your Valentine's Day
2014-02-10 22:26:00
attackerkb
attackerkb
CVE-2012-0158
2012-04-10 00:00:00
Microsoft Windows TabStrip MSCOMCTL.OCX RCE Vulnerability
2012-08-15 00:00:00
fireeye
fireeye
China-based Cyber Threat Group Uses Dropbox for Malware Communications and Targets Hong Kong Media Outlets
2015-12-01 08:00:00
APT Group Sends Spear Phishing Emails to Indian Government Officials
2016-06-03 01:30:00
APT Group Sends Spear Phishing Emails to Indian Government Officials
2016-06-03 01:30:00
saint
saint
Microsoft Windows Common Controls MSCOMCTL.OCX Vulnerability
2012-04-12 00:00:00
Microsoft Windows Common Controls MSCOMCTL.OCX Vulnerability
2012-04-12 00:00:00
Microsoft Windows Common Controls MSCOMCTL.OCX Vulnerability
2012-04-12 00:00:00
openvas
openvas
Microsoft Windows Common Controls Remote Code Execution Vulnerability (2664258)
2012-04-11 00:00:00
Microsoft Windows Common Controls Remote Code Execution Vulnerability (2664258)
2012-04-11 00:00:00
cve
cve
CVE-2012-0158
2012-04-10 21:55:00
prion
prion
Design/Logic Flaw
2012-04-10 21:55:00
mskb
mskb
MS12-027: Vulnerability in MSCOMCTL.OCX could allow Remote Code Execution: April 10, 2012
2012-04-10 00:00:00
packetstorm
packetstorm
MS12-027 MSCOMCTL ActiveX Buffer Overflow
2012-04-25 00:00:00
nessus
nessus
MS12-027: Vulnerability in Windows Common Controls Could Allow Remote Code Execution (2664258)
2012-04-11 00:00:00
cisa_kev
cisa_kev
Microsoft MSCOMCTL.OCX Remote Code Execution Vulnerability
2021-11-03 00:00:00
malwarebytes
malwarebytes
Chinese APT group targets India and Hong Kong using new variant of MgBot malware
2020-07-21 15:00:00
seebug
seebug
Microsoft Office 内存损坏漏洞(CVE-2015-1641)
2015-12-31 00:00:00
myhack58
myhack58
Hand to hand teach you how to construct the office exploits EXP(fourth period)-bug warning-the black bar safety net
2016-12-03 00:00:00
The macro perspective of the office vulnerability, 2010-2018-a vulnerability warning-the black bar safety net
2019-06-13 00:00:00
talosblog
talosblog
When combining exploits for added effect goes wrong
2017-08-14 09:55:00
carbonblack
carbonblack
Technical Analysis: Hackers Leveraging COVID-19 Pandemic to Launch Phishing Attacks, Fake Apps/Maps, Trojans, Backdoors, Cryptominers, Botnets & Ransomware
2020-03-19 20:48:06
securityvulns
securityvulns
Microsoft Windows multiple security vulnerabilities
2012-04-23 00:00:00
securelist
securelist
Cycldek: Bridging the (air) gap
2020-06-03 10:00:32
ics
ics
Top 10 Routinely Exploited Vulnerabilities
2020-05-12 12:00:00
Potential for China Cyber Response to Heightened U.S.–China Tensions
2020-10-20 12:00:00
qualysblog
qualysblog
Top 19+ Vulnerability CVEs in Santa’s Dashboard Tracking
2019-12-27 18:01:22
Part 2: An In-Depth Look at the Latest Vulnerability Threat Landscape (Attackers’ Edition)
2023-07-18 13:38:53
Qualys Top 20 Most Exploited Vulnerabilities
2023-09-04 14:00:00
avleonov
avleonov
September 2023: VM courses, Bahasa Indonesia, Russian Podcasts, Goodbye Tinkoff, MS Patch Tuesday, Qualys TOP 20, Linux, Forrester, GigaOm, R-Vision VM
2023-09-30 19:31:42

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.973 High

EPSS

Percentile

99.9%

JSON
Related for MS12_027
checkpoint_advisories6threatpost30thn15attackerkb2fireeye10saint4openvas2cve1prion1mskb1packetstorm1nessus1cisa_kev1malwarebytes1seebug1myhack582talosblog1carbonblack1securityvulns1securelist1ics2qualysblog4avleonov1