Microsoft : Security Vulnerabilities, CVEs, Published In November 2012 (Code Execution)

CVE-2012-4777

The code-optimization feature in the reflection implementation in Microsoft .NET Framework 4 and 4.5 does not properly enforce object permissions, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (aka XBAP) or (2) a crafted .NET Framework application, aka "WPF Reflection Optimization Vulnerability."
Max CVSS
9.3
EPSS Score
58.20%
Published
2012-11-14
Updated
2023-12-07

CVE-2012-4775

Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site, aka "CTreeNode Use After Free Vulnerability."
Max CVSS
9.3
EPSS Score
67.18%
Published
2012-11-14
Updated
2023-12-07

CVE-2012-2543

Stack-based buffer overflow in Microsoft Excel 2007 SP2 and SP3 and 2010 SP1; Office 2011 for Mac; Excel Viewer; and Office Compatibility Pack SP2 and SP3 allows remote attackers to execute arbitrary code via a crafted spreadsheet, aka "Excel Stack Overflow Vulnerability."
Max CVSS
9.3
EPSS Score
92.46%
Published
2012-11-14
Updated
2018-10-12

CVE-2012-1895

The reflection implementation in Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.5.1, and 4 does not properly enforce object permissions, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (aka XBAP) or (2) a crafted .NET Framework application, aka "Reflection Bypass Vulnerability."
Max CVSS
9.3
EPSS Score
59.88%
Published
2012-11-14
Updated
2023-12-07

CVE-2012-1887

Use-after-free vulnerability in Microsoft Excel 2003 SP3, 2007 SP2 and SP3, and 2010 SP1, and Office 2008 and 2011 for Mac, allows remote attackers to execute arbitrary code via a crafted spreadsheet, aka "Excel SST Invalid Length Use After Free Vulnerability."
Max CVSS
9.3
EPSS Score
93.22%
Published
2012-11-14
Updated
2018-10-12

CVE-2012-1886

Microsoft Excel 2003 SP3, 2007 SP2 and SP3, and 2010 SP1; Excel Viewer; and Office Compatibility Pack SP2 and SP3 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted spreadsheet, aka "Excel Memory Corruption Vulnerability."
Max CVSS
9.3
EPSS Score
94.48%
Published
2012-11-14
Updated
2018-10-12

CVE-2012-1885

Heap-based buffer overflow in Microsoft Excel 2003 SP3, 2007 SP2 and SP3, and 2010 SP1; Office 2008 and 2011 for Mac; and Office Compatibility Pack SP2 and SP3 allows remote attackers to execute arbitrary code via a crafted spreadsheet, aka "Excel SerAuxErrBar Heap Overflow Vulnerability."
Max CVSS
9.3
EPSS Score
95.32%
Published
2012-11-14
Updated
2018-10-12

CVE-2012-1539

Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site, aka "CTreePos Use After Free Vulnerability."
Max CVSS
9.3
EPSS Score
67.18%
Published
2012-11-14
Updated
2023-12-07

CVE-2012-1538

Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site, aka "CFormElement Use After Free Vulnerability."
Max CVSS
9.3
EPSS Score
67.18%
Published
2012-11-14
Updated
2023-12-07
9 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close