CVE-2012-0151

Warning

EPSS 88.66%
Published 10.04.2012 21:55:01
Last modified 11.04.2025 00:51:21
Source secure@microsoft.com
Teams watchlist Login
Open Login

The Authenticode Signature Verification function in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, and Windows 8 Consumer Preview does not properly validate the digest of a signed portable executable (PE) file, which allows user-assisted remote attackers to execute arbitrary code via a modified file with additional content, aka "WinVerifyTrust Signature Validation Vulnerability."

Affected products Warnungen 1 Metrics 4 CWE 1 References 9

Data is provided by the National Vulnerability Database (NVD)

Microsoft ≫ Windows 7 Updatesp1 Editionx64

Microsoft ≫ Windows 7 Updatesp1 Editionx86

Microsoft ≫ Windows Server 2003 Updatesp2

Microsoft ≫ Windows Server 2008 Updatesp2 Editionitanium

Microsoft ≫ Windows Server 2008 Updatesp2 Editionx64

Microsoft ≫ Windows Server 2008 Updatesp2 Editionx86

Microsoft ≫ Windows Server 2008 Versionr2 Editionitanium

Microsoft ≫ Windows Server 2008 Versionr2 Editionx64

Microsoft ≫ Windows Vista Updatesp2

Microsoft ≫ Windows Xp Updatesp3

Microsoft ≫ Windows Xp Version- Updatesp2 Editionx64

Microsoft ≫ Windows 7 Version- Updatesp1

Microsoft ≫ Windows Server 2003 Version- Updatesp2

Microsoft ≫ Windows Server 2008 Version- Updatesp2

Microsoft ≫ Windows Server 2008 Versionr2

Microsoft ≫ Windows Server 2008 Versionr2 Updatesp1

Microsoft ≫ Windows Vista Version- Updatesp2

Microsoft ≫ Windows Xp Version- Updatesp2 SwEditionprofessional HwPlatformx64

Microsoft ≫ Windows Xp Version- Updatesp3

08.06.2022: CISA Known Exploited Vulnerabilities (KEV) Catalog

Microsoft Windows Authenticode Signature Verification Remote Code Execution Vulnerability

Vulnerability

The Authenticode Signature Verification function in Microsoft Windows (WinVerifyTrust) does not properly validate the digest of a signed portable executable (PE) file, which allows user-assisted remote attackers to execute code.

Description

Apply updates per vendor instructions.

Required actions

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	88.66%	0.995

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
nvd@nist.gov	9.3	8.6	10	AV:N/AC:M/Au:N/C:C/I:C/A:C
134c704f-9b21-4f2e-91b3-4a467353bcc0	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://www.us-cert.gov/cas/techalerts/TA12-101A.html

Third Party Advisory

US Government Resource

http://osvdb.org/81135

Broken Link

http://secunia.com/advisories/48581

Broken Link

http://www.securitytracker.com/id?1026906

Third Party Advisory

Broken Link

VDB Entry

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-024