Name | ms12_027 |
CVE | CVE-2012-0158 |
Exploit Pack | CANVAS |
Description | MS12-027 MSCOMCTL.OCX ActiveX Buffer Overflow |
Notes | CVE Name: CVE-2012-0158 VENDOR: Microsoft Notes: You shoud manually start a Universal listener for this exploit. The listener IP and PORT should be declared in the module configuration dialog. Tested on: * Windows XP Professional SP3 English with Office 2010 Standard * Windows 7 English. The Universal Windows version needs the target to have Word opened for a few seconds before executing the file. Usage: Generate rtf file and send to target. VersionsAffected: Office 2003 to Office 2010 SP1 Repeatability: MSADV: MS12-027 References: http://technet.microsoft.com/en-us/security/bulletin/ms12-027 CVE Url: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-0158 Date public: 04/10/2012 CVSS: 9.3 |
Learn more about the CANVAS Exploit Pack here: CANVAS |