9.3

CVE-2012-2528

Use-after-free vulnerability in Microsoft Word 2003 SP3, 2007 SP2 and SP3, and 2010 SP1; Word Viewer; Office Compatibility Pack SP2 and SP3; Word Automation Services on Microsoft SharePoint Server 2010; and Office Web Apps 2010 SP1 allows remote attackers to execute arbitrary code via a crafted RTF document, aka "RTF File listid Use-After-Free Vulnerability."

Daten sind bereitgestellt durch National Vulnerability Database (NVD)
MicrosoftWord Automation Services Version-
   MicrosoftSharepoint Server Version2010
MicrosoftOffice Web Apps Version2010 Updatesp1
MicrosoftWord Version2003 Updatesp3
MicrosoftWord Version2007 Updatesp2
MicrosoftWord Version2007 Updatesp3
MicrosoftWord Version2010 Updatesp1
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 57.47% 0.979
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 9.3 8.6 10
AV:N/AC:M/Au:N/C:C/I:C/A:C
http://www.us-cert.gov/cas/techalerts/TA12-283A.html
Third Party Advisory
US Government Resource
http://www.securityfocus.com/bid/55781
Third Party Advisory
VDB Entry