Immunity, Inc.
Name ms12_027
CVE CVE-2012-0158
Exploit Pack CANVAS
DescriptionMS12-027 MSCOMCTL.OCX ActiveX Buffer Overflow
NotesCVE Name: CVE-2012-0158
VENDOR: Microsoft
Notes:

You shoud manually start a Universal listener for this exploit.
The listener IP and PORT should be declared in the module configuration
dialog.

Tested on:
* Windows XP Professional SP3 English with Office 2010 Standard
* Windows 7 English.

The Universal Windows version needs the target to have Word opened
for a few seconds before executing the file.

Usage:
Generate rtf file and send to target.


VersionsAffected: Office 2003 to Office 2010 SP1
Repeatability:
MSADV: MS12-027
References: http://technet.microsoft.com/en-us/security/bulletin/ms12-027
CVE Url: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-0158
Date public: 04/10/2012
CVSS: 9.3

Learn more about the CANVAS Exploit Pack here: CANVAS