Home

CVE-2012-2539

Description

Microsoft Word 2003 SP3, 2007 SP2 and SP3, and 2010 SP1; Word Viewer; Office Compatibility Pack SP2 and SP3; and Office Web Apps 2010 SP1 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted RTF data, aka Word RTF listoverridecount Remote Code Execution Vulnerability.

Risk Information

Base Score
7.8
MODERATE
Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
84.414

Associated Vulnerability

VulnerabilityOS Platform
Security Update for Microsoft Office Word 2007 (KB2760421)Windows
Security Update for Microsoft Word 2010 (KB2760410) 32-Bit EditionWindows
Security Update for Microsoft Word 2010 (KB2760410) 64-Bit EditionWindows
Security Update for Microsoft Office 2007 suites (KB2760416)Windows

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-12822Security Update for Microsoft Office Word 2007 (KB2760421)
PATCH-12823Security Update for Microsoft Word 2010 (KB2760410) 32-Bit Edition
PATCH-12826Security Update for Microsoft Office 2007 suites (KB2760416)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234