9.3

CVE-2012-2528

Use-after-free vulnerability in Microsoft Word 2003 SP3, 2007 SP2 and SP3, and 2010 SP1; Word Viewer; Office Compatibility Pack SP2 and SP3; Word Automation Services on Microsoft SharePoint Server 2010; and Office Web Apps 2010 SP1 allows remote attackers to execute arbitrary code via a crafted RTF document, aka "RTF File listid Use-After-Free Vulnerability."
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
MicrosoftWord Automation Services Version-
   MicrosoftSharepoint Server Version2010
MicrosoftOffice Web Apps Version2010 Updatesp1
MicrosoftWord Version2003 Updatesp3
MicrosoftWord Version2007 Updatesp2
MicrosoftWord Version2007 Updatesp3
MicrosoftWord Version2010 Updatesp1
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 56.85% 0.981
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 9.3 8.6 10
AV:N/AC:M/Au:N/C:C/I:C/A:C
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://www.us-cert.gov/cas/techalerts/TA12-283A.html
Third Party Advisory
US Government Resource
http://www.securityfocus.com/bid/55781
Third Party Advisory
VDB Entry