Vulnerability Details : CVE-2012-2539

Microsoft Word 2003 SP3, 2007 SP2 and SP3, and 2010 SP1; Word Viewer; Office Compatibility Pack SP2 and SP3; and Office Web Apps 2010 SP1 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted RTF data, aka "Word RTF 'listoverridecount' Remote Code Execution Vulnerability."
Vulnerability category: Memory CorruptionExecute codeDenial of service
Published 2012-12-12 00:55:01
Updated 2018-10-12 22:03:08
View at NVD,
CVE-2012-2539 is in the CISA Known Exploited Vulnerabilities Catalog
CISA vulnerability name:
Microsoft Word Remote Code Execution Vulnerability
CISA required action:
Apply updates per vendor instructions.
CISA description:
Microsoft Word allows attackers to execute remote code or cause a denial-of-service via crafted RTF data.
Added on 2022-03-28 Action due date 2022-04-18

Exploit prediction scoring system (EPSS) score for CVE-2012-2539

Probability of exploitation activity in the next 30 days: 74.96%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 98 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2012-2539

Base Score Base Severity CVSS Vector Exploitability Score Impact Score Source
[email protected]

CWE ids for CVE-2012-2539

References for CVE-2012-2539

Products affected by CVE-2012-2539

This web site uses cookies for managing your session and website analytics (Google analytics) purposes as described in our privacy policy.
By using this web site you are agreeing to terms of use!