cvelistv5 - CVE-2012-0183

CVE-2012-0183

Vulnerability from cvelistv5

Published
2012-05-09 00:00
Modified
2024-08-06 18:16
Severity ?
Summary
Microsoft Word 2003 SP3 and 2007 SP2 and SP3, Office 2008 and 2011 for Mac, and Office Compatibility Pack SP2 and SP3 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted RTF data, aka "RTF Mismatch Vulnerability."
References
URL	Tags
secure@microsoft.com	http://secunia.com/advisories/49111
secure@microsoft.com	http://www.securityfocus.com/bid/53344
secure@microsoft.com	http://www.securitytracker.com/id?1027035
secure@microsoft.com	http://www.us-cert.gov/cas/techalerts/TA12-129A.html	US Government Resource
secure@microsoft.com	https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-029
secure@microsoft.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/75122
secure@microsoft.com	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15327
Impacted products
▼	Vendor	Product
	n/a	n/a
Show details on NVD website
JSON
To clipboard
{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T18:16:19.287Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "MS12-029",
            "tags": [
              "vendor-advisory",
              "x_refsource_MS",
              "x_transferred"
            ],
            "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-029"
          },
          {
            "name": "53344",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/53344"
          },
          {
            "name": "1027035",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1027035"
          },
          {
            "name": "oval:org.mitre.oval:def:15327",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15327"
          },
          {
            "name": "TA12-129A",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT",
              "x_transferred"
            ],
            "url": "http://www.us-cert.gov/cas/techalerts/TA12-129A.html"
          },
          {
            "name": "microsoft-office-rtf-code-execution(75122)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75122"
          },
          {
            "name": "49111",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/49111"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2012-05-08T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Microsoft Word 2003 SP3 and 2007 SP2 and SP3, Office 2008 and 2011 for Mac, and Office Compatibility Pack SP2 and SP3 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted RTF data, aka \"RTF Mismatch Vulnerability.\""
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-12T19:57:01",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "name": "MS12-029",
          "tags": [
            "vendor-advisory",
            "x_refsource_MS"
          ],
          "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-029"
        },
        {
          "name": "53344",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/53344"
        },
        {
          "name": "1027035",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1027035"
        },
        {
          "name": "oval:org.mitre.oval:def:15327",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15327"
        },
        {
          "name": "TA12-129A",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT"
          ],
          "url": "http://www.us-cert.gov/cas/techalerts/TA12-129A.html"
        },
        {
          "name": "microsoft-office-rtf-code-execution(75122)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75122"
        },
        {
          "name": "49111",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/49111"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@microsoft.com",
          "ID": "CVE-2012-0183",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Microsoft Word 2003 SP3 and 2007 SP2 and SP3, Office 2008 and 2011 for Mac, and Office Compatibility Pack SP2 and SP3 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted RTF data, aka \"RTF Mismatch Vulnerability.\""
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "MS12-029",
              "refsource": "MS",
              "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-029"
            },
            {
              "name": "53344",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/53344"
            },
            {
              "name": "1027035",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1027035"
            },
            {
              "name": "oval:org.mitre.oval:def:15327",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15327"
            },
            {
              "name": "TA12-129A",
              "refsource": "CERT",
              "url": "http://www.us-cert.gov/cas/techalerts/TA12-129A.html"
            },
            {
              "name": "microsoft-office-rtf-code-execution(75122)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75122"
            },
            {
              "name": "49111",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/49111"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2012-0183",
    "datePublished": "2012-05-09T00:00:00",
    "dateReserved": "2011-12-13T00:00:00",
    "dateUpdated": "2024-08-06T18:16:19.287Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2012-0183\",\"sourceIdentifier\":\"secure@microsoft.com\",\"published\":\"2012-05-09T00:55:01.867\",\"lastModified\":\"2018-10-12T22:02:24.370\",\"vulnStatus\":\"Modified\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"Microsoft Word 2003 SP3 and 2007 SP2 and SP3, Office 2008 and 2011 for Mac, and Office Compatibility Pack SP2 and SP3 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted RTF data, aka \\\"RTF Mismatch Vulnerability.\\\"\"},{\"lang\":\"es\",\"value\":\"Microsoft Word 2003 SP3 y 2007 SP2 y SP3, Office 2008 y 2011 para Mac, y Office Compatibility Pack SP2 y SP3 permite a atacantes remotos ejecutar c\u00f3digo arbitrario o causar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) mediante datos RTF manipulados, tambi\u00e9n conocido como \\\"Vulnerabilidad RTF\\\"\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:C/I:C/A:C\",\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\",\"baseScore\":9.3},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":8.6,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:office:2008:*:mac:*:*:*:*:*\",\"matchCriteriaId\":\"5BA91840-371C-4282-9F7F-B393F785D260\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:office_compatibility_pack:*:sp2:*:*:*:*:*:*\",\"matchCriteriaId\":\"AED6C159-CD2C-436B-99BC-00E79A685D44\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:office_compatibility_pack:*:sp3:*:*:*:*:*:*\",\"matchCriteriaId\":\"44BC7B7B-7191-431C-8CAE-83B3F0EFF03E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:word:2003:sp3:*:*:*:*:*:*\",\"matchCriteriaId\":\"80F8E09E-E7F7-4D86-B140-3933EDC54E1C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:word:2007:sp2:*:*:*:*:*:*\",\"matchCriteriaId\":\"262BC12C-246A-41AB-A08D-3D205156F074\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:word:2007:sp3:*:*:*:*:*:*\",\"matchCriteriaId\":\"7D006508-BFB0-4F21-A361-3DA644F51D8A\"}]}]}],\"references\":[{\"url\":\"http://secunia.com/advisories/49111\",\"source\":\"secure@microsoft.com\"},{\"url\":\"http://www.securityfocus.com/bid/53344\",\"source\":\"secure@microsoft.com\"},{\"url\":\"http://www.securitytracker.com/id?1027035\",\"source\":\"secure@microsoft.com\"},{\"url\":\"http://www.us-cert.gov/cas/techalerts/TA12-129A.html\",\"source\":\"secure@microsoft.com\",\"tags\":[\"US Government Resource\"]},{\"url\":\"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-029\",\"source\":\"secure@microsoft.com\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/75122\",\"source\":\"secure@microsoft.com\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15327\",\"source\":\"secure@microsoft.com\"}]}}"
  }
}
Action not permitted

CVE-2012-0183

Vulnerability from cvelistv5

gsd-2012-0183

Vulnerability from gsd

ghsa-8gx7-qfm6-j56p

Vulnerability from github

Tags
