Vulnerability Details : CVE-2012-0183
Microsoft Word 2003 SP3 and 2007 SP2 and SP3, Office 2008 and 2011 for Mac, and Office Compatibility Pack SP2 and SP3 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted RTF data, aka "RTF Mismatch Vulnerability."
Vulnerability category: Memory CorruptionExecute codeDenial of service
Products affected by CVE-2012-0183
- cpe:2.3:a:microsoft:office:2008:*:mac:*:*:*:*:*
- cpe:2.3:a:microsoft:word:2003:sp3:*:*:*:*:*:*
- cpe:2.3:a:microsoft:word:2007:sp2:*:*:*:*:*:*
- cpe:2.3:a:microsoft:word:2007:sp3:*:*:*:*:*:*
- cpe:2.3:a:microsoft:office_compatibility_pack:*:sp3:*:*:*:*:*:*
- cpe:2.3:a:microsoft:office_compatibility_pack:*:sp2:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2012-0183
96.27%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 100 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2012-0183
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
9.3
|
HIGH | AV:N/AC:M/Au:N/C:C/I:C/A:C |
8.6
|
10.0
|
NIST |
References for CVE-2012-0183
-
http://www.securitytracker.com/id?1027035
Microsoft Word RTF Processing Flaw Lets Remote Users Execute Arbitrary Code - SecurityTracker
-
http://www.securityfocus.com/bid/53344
Microsoft Word CVE-2012-0183 RTF Data Handling Remote Memory Corruption Vulnerability
-
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-029
Microsoft Security Bulletin MS12-029 - Critical | Microsoft Docs
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15327
Repository / Oval Repository
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/75122
Microsoft Office RTF code execution CVE-2012-0183 Vulnerability Report
-
http://www.us-cert.gov/cas/techalerts/TA12-129A.html
Microsoft Updates for Multiple Vulnerabilities | CISAUS Government Resource
Jump to