Microsoft Windows bundles various common ActiveX controls in the Common Controls library **MSCOMCTL.OCX**. Several Windows applications use these controls.

Problem

Various ActiveX controls in **MSCOMCTL.OCX** in the Common Controls in Microsoft Office 2007 and Office 2010 allow remote attackers to execute arbitrary code via a crafted **.rtf** file that triggers system state corruption.

Resolution

Apply the update referenced in MS12-027.

References

<http://technet.microsoft.com/en-us/security/bulletin/ms12-027>
<http://www.net-security.org/secworld.php?id=12732>

Limitations

This exploit has been tested on Microsoft Word 2007 SP3 and Microsoft Word 2010 SP1 running on Windows XP SP3 English (DEP OptIn) and Windows 7 SP1 (DEP OptIn).

The user must open the exploit file in Microsoft Word on the target system.

Platforms

Windows

checkpoint_advisories 6

threatpost 30

canvas 1

thn 15

attackerkb 2

fireeye 10

openvas 2

saint 3

cve 1

packetstorm 1

nessus 1

cisa_kev 1

prion 1

mskb 1

talosblog 1

myhack58 2

seebug 1

malwarebytes 1

carbonblack 1

securityvulns 1

securelist 1

ics 2

qualysblog 4

avleonov 1

checkpoint_advisories

MSCOMCTL.OCX Killbit: bdd1f04b-858b-11d1-b16a-00c0f0283628 (MS12-027; CVE-2012-0158)

2012-04-10 00:00:00

MSCOMCTL.OCX Killbit: 9181DC5F-E07D-418A-ACA6-8EEA1ECB8E9E (MS12-027; CVE-2012-0158)

2012-04-10 00:00:00

Microsoft MSCOMCTL.OCX ActiveX Control Remote Code Execution (MS12-027; CVE-2012-0158)

2012-04-10 00:00:00

threatpost

Safe Targeted Espionage Campaign Borrows from Cybercriminals

2013-05-20 14:47:14

NetTraveler Attackers Using PRISM Program as Bait

2013-06-18 10:00:42

Grand Theft Auto Panda APT Espionage Attack Platform

2013-11-25 10:26:50

canvas

Immunity Canvas: MS12_027

2012-04-10 21:55:00

thn

Surveillance malware targets 350 high profile victims in 40 countries

2013-06-04 16:39:00

Terminator RAT became more sophisticated in recent APT attacks

2013-10-27 05:37:00

Beware! Cyber Criminals may spoil your Valentine's Day

2014-02-10 22:26:00

attackerkb

CVE-2012-0158

2012-04-10 00:00:00

Microsoft Windows TabStrip MSCOMCTL.OCX RCE Vulnerability

2012-08-15 00:00:00

fireeye

China-based Cyber Threat Group Uses Dropbox for Malware Communications and Targets Hong Kong Media Outlets

2015-12-01 08:00:00

APT Group Sends Spear Phishing Emails to Indian Government Officials

2016-06-03 01:30:00

APT Group Sends Spear Phishing Emails to Indian Government Officials

2016-06-03 01:30:00

openvas

Microsoft Windows Common Controls Remote Code Execution Vulnerability (2664258)

2012-04-11 00:00:00

Microsoft Windows Common Controls Remote Code Execution Vulnerability (2664258)

2012-04-11 00:00:00

saint

Microsoft Windows Common Controls MSCOMCTL.OCX Vulnerability

2012-04-12 00:00:00

Microsoft Windows Common Controls MSCOMCTL.OCX Vulnerability

2012-04-12 00:00:00

Microsoft Windows Common Controls MSCOMCTL.OCX Vulnerability

2012-04-12 00:00:00

cve

CVE-2012-0158

2012-04-10 21:55:00

packetstorm

MS12-027 MSCOMCTL ActiveX Buffer Overflow

2012-04-25 00:00:00

nessus

MS12-027: Vulnerability in Windows Common Controls Could Allow Remote Code Execution (2664258)

2012-04-11 00:00:00

cisa_kev

Microsoft MSCOMCTL.OCX Remote Code Execution Vulnerability

2021-11-03 00:00:00

prion

Design/Logic Flaw

2012-04-10 21:55:00

mskb

MS12-027: Vulnerability in MSCOMCTL.OCX could allow Remote Code Execution: April 10, 2012

2012-04-10 00:00:00

talosblog

When combining exploits for added effect goes wrong

2017-08-14 09:55:00

myhack58

Hand to hand teach you how to construct the office exploits EXP（fourth period）-bug warning-the black bar safety net

2016-12-03 00:00:00

The macro perspective of the office vulnerability, 2010-2018-a vulnerability warning-the black bar safety net

2019-06-13 00:00:00

seebug

Microsoft Office 内存损坏漏洞(CVE-2015-1641)

2015-12-31 00:00:00

malwarebytes

Chinese APT group targets India and Hong Kong using new variant of MgBot malware

2020-07-21 15:00:00

carbonblack

Technical Analysis: Hackers Leveraging COVID-19 Pandemic to Launch Phishing Attacks, Fake Apps/Maps, Trojans, Backdoors, Cryptominers, Botnets & Ransomware

2020-03-19 20:48:06

securityvulns

Microsoft Windows multiple security vulnerabilities

2012-04-23 00:00:00

securelist

Cycldek: Bridging the (air) gap

2020-06-03 10:00:32

ics

Top 10 Routinely Exploited Vulnerabilities

2020-05-12 12:00:00

Potential for China Cyber Response to Heightened U.S.–China Tensions

2020-10-20 12:00:00

qualysblog

Top 19+ Vulnerability CVEs in Santa’s Dashboard Tracking

2019-12-27 18:01:22

Part 2: An In-Depth Look at the Latest Vulnerability Threat Landscape (Attackers’ Edition)

2023-07-18 13:38:53

Qualys Top 20 Most Exploited Vulnerabilities

2023-09-04 14:00:00

avleonov

September 2023: VM courses, Bahasa Indonesia, Russian Podcasts, Goodbye Tinkoff, MS Patch Tuesday, Qualys TOP 20, Linux, Forrester, GigaOm, R-Vision VM

2023-09-30 19:31:42

Products

Security Intelligence
Non-intrusive assessment
Developers SDK
Windows scanner
Linux scanner
Perimeter control tool
MSSP

Database

Vulnerabilities
Exploits
IOC
Security News
BugBounty
Popular
Wild Exploited
Top Vulnerabilities

Tools

Linux Security Scanner
API integration
Subscriptions
Plugins
Manual Audit

Learn More

Stats
API
Docs
Api-keys
License
Pricing
Glossary
FAQ

Company

Blog
Contacts
About Us
OpenSource
EULA
Brand Guideline
Privacy Policy

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please contact us. Using Vulners services you are accepting Vulners services end-user license agreement

@2024 Vulners Inc

0.973 High

EPSS

Percentile

99.9%

JSON

Related for SAINT:FA42FF32EDF77D4600EA8685EBDE9D45