Lucene search

K

PRIOn knowledge basePRION:CVE-2012-0165

HistoryMay 09, 2012 - 12:55 a.m.

Design/Logic Flaw

2012-05-0900:55:00

PRIOn knowledge base

www.prio-n.com

4

7.9 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.652 Medium

EPSS

Percentile

97.8%

GDI+ in Microsoft Windows Vista SP2 and Server 2008 SP2 and Office 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1 does not properly validate record types in EMF images, which allows remote attackers to execute arbitrary code via a crafted image, aka “GDI+ Record Type Vulnerability.”

CPENameOperatorVersion
officeeq2007 sp3
officeeq2007 sp2
officeeq2010
officeeq2003 sp3
officeeq2010 sp1
windows_server_2008eq- sp2
windows_vistaeq- sp2

References

secunia.com/advisories/49121

www.securityfocus.com/bid/53347

www.securitytracker.com/id?1027038

www.us-cert.gov/cas/techalerts/TA12-129A.html

docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-034

exchange.xforce.ibmcloud.com/vulnerabilities/75125

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15621

7.9 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.652 Medium

EPSS

Percentile

97.8%

Related for PRION:CVE-2012-0165

seebug1 cve1 checkpoint_advisories1 symantec1 mskb1 openvas2 nessus1 securityvulns1