CyberSec.Space Logo
Back to CVE Browser

CVE-2012-0158

Known Exploited (CISA KEV)HIGH
8.8
CVSS Severity Score
EPSS Score31.2490%
EPSS Percentile94.62th
PublishedApr 10, 2012
Last ModifiedApr 22, 2026

Vulnerability Description

The (1) ListView, (2) ListView2, (3) TreeView, and (4) TreeView2 ActiveX controls in MSCOMCTL.OCX in the Common Controls in Microsoft Office 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1; Office 2003 Web Components SP3; SQL Server 2000 SP4, 2005 SP4, and 2008 SP2, SP3, and R2; BizTalk Server 2002 SP1; Commerce Server 2002 SP4, 2007 SP2, and 2009 Gold and R2; Visual FoxPro 8.0 SP1 and 9.0 SP2; and Visual Basic 6.0 Runtime allow remote attackers to execute arbitrary code via a crafted (a) web site, (b) Office document, or (c) .rtf file that triggers "system state" corruption, as exploited in the wild in April 2012, aka "MSCOMCTL.OCX RCE Vulnerability."

Affected Platforms (CPE)

πŸ“¦
Microsoft

Office

= 2003
πŸ“¦
Microsoft

Office

= 2007
πŸ“¦
Microsoft

Office

= 2007
πŸ“¦
Microsoft

Office

= 2010
πŸ“¦
Microsoft

Office

= 2010
πŸ“¦
Microsoft

Office Web Components

= 2003
πŸ“¦
Microsoft

Sql Server 2000

All versions
πŸ“¦
Microsoft

Sql Server 2005

All versions
πŸ“¦
Microsoft

Sql Server 2008

All versions
πŸ“¦
Microsoft

Sql Server 2008

All versions
πŸ“¦
Microsoft

Sql Server 2008

= r2
πŸ“¦
Microsoft

Sql Server 2008

= r2
πŸ“¦
Microsoft

Biztalk Server

= 2002
πŸ“¦
Microsoft

Commerce Server

= 2002
πŸ“¦
Microsoft

Commerce Server

= 2007
πŸ“¦
Microsoft

Commerce Server 2009

All versions
πŸ“¦
Microsoft

Commerce Server 2009

= r2
πŸ“¦
Microsoft

Visual Basic

= 6.0
πŸ“¦
Microsoft

Visual Foxpro

= 8.0
πŸ“¦
Microsoft

Visual Foxpro

= 9.0

References & Advisories

πŸ”— http://opensources.info/comment-on-the-curious-case-of-a-cve-2012-0158-exploit-by-chris-pierce/
πŸ”— http://www.securityfocus.com/bid/52911
πŸ”— http://www.securitytracker.com/id?1026899
πŸ”— http://www.securitytracker.com/id?1026900
πŸ”— http://www.securitytracker.com/id?1026902
πŸ”— http://www.securitytracker.com/id?1026903
πŸ”— http://www.securitytracker.com/id?1026904
πŸ”— http://www.securitytracker.com/id?1026905

Related Vulnerabilities

CVE-2001-122310.0

The web administration server for ELSA Lancom 1100 Office does not require authentication, which allows arbitrary remote attackers...

CVE-2001-126010.0

Avaya Argent Office uses weak encryption (trivial encoding) for passwords, which allows remote attackers to gain administrator pri...

CVE-2000-085410.0

When a Microsoft Office 2000 document is launched, the directory of that document is first used to locate DLL's such as riched20.d...

CVE-2007-111710.0

Unspecified vulnerability in Publisher 2007 in Microsoft Office 2007 allows remote attackers to execute arbitrary code via unspeci...