MS12-054 Vulnerabilities in Windows Networking Components Could Allow Remote Code Execution
2012-08-14 This security update resolves a privately reported vulnerability in the Remote Desktop Protocol. The vulnerability could allow remote code execution if an attacker sends a sequence of specially crafted RDP packets to an affected system. By default, the Remote Desktop Protocol (RDP) is not enabled on any Windows operating system. Systems that do not have RDP enabled are not at risk.
Vulnerabilities addressed in this bulletin:
Bulletin details at Microsoft.com
Vulnerabilities addressed in this bulletin:
- Remote Administration Protocol Denial of Service Vulnerability
- A denial of service vulnerability exists in Windows networking components. The vulnerability is due to the service not properly handling specially crafted RAP requests. An attacker who successfully exploited this vulnerability could cause some of the Windows networking component to stop responding.
CVE-2012-1850 - Print Spooler Service Format String Vulnerability
- A remote code execution vulnerability exists in the Windows Print Spooler service that could allow a remote, unauthenticated attacker to execute arbitrary code on an affected system. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts.
CVE-2012-1851 - Remote Administration Protocol Heap Overflow Vulnerability
- A remote code execution vulnerability exists in the way that Windows networking components handle a specially crafted RAP response. An attacker who successfully exploited this vulnerability could run arbitrary code on the target system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
CVE-2012-1852 - Remote Administration Protocol Stack Overflow Vulnerability
- A remote code execution vulnerability exists in the way that Windows networking components handle specially crafted RAP responses. An attacker who successfully exploited this vulnerability could run arbitrary code on the target system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
CVE-2012-1853
Bulletin details at Microsoft.com
Related CVE Entries
The Remote Administration Protocol (RAP) implementation in the LanmanWorkstation service in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly handle RAP responses, which allows remote attackers to cause a denial of service (service hang) via crafted RAP packets, aka "Remote Administration Protocol Denial of Service Vulnerability."
Max CVSS
5.0
EPSS Score
55.98%
Published
2012-08-15
Updated
2023-12-07
Format string vulnerability in the Print Spooler service in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to execute arbitrary code via a crafted response, aka "Print Spooler Service Format String Vulnerability."
Max CVSS
10.0
EPSS Score
94.67%
Published
2012-08-15
Updated
2023-12-07
Heap-based buffer overflow in the Remote Administration Protocol (RAP) implementation in the LanmanWorkstation service in Microsoft Windows XP SP2 and SP3 allows remote attackers to execute arbitrary code via crafted RAP response packets, aka "Remote Administration Protocol Heap Overflow Vulnerability."
Max CVSS
10.0
EPSS Score
84.65%
Published
2012-08-15
Updated
2018-10-12
Stack-based buffer overflow in the Remote Administration Protocol (RAP) implementation in the LanmanWorkstation service in Microsoft Windows XP SP3 allows remote attackers to execute arbitrary code via crafted RAP response packets, aka "Remote Administration Protocol Stack Overflow Vulnerability."
Max CVSS
10.0
EPSS Score
84.65%
Published
2012-08-15
Updated
2018-10-12