Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2012-1856

KEV EPSS 91.55% · P100
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2012-1856

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
The TabStrip ActiveX control in the Common Controls in MSCOMCTL.OCX in Microsoft Office 2003 SP3, Office 2003 Web Components SP3, Office 2007 SP2 and SP3, Office 2010 SP1, SQL Server 2000 SP4, SQL Server 2005 SP4, SQL Server 2008 SP2, SP3, R2, R2 SP1, and R2 SP2, Commerce Server 2002 SP4, Commerce Server 2007 SP2, Commerce Server 2009 Gold and R2, Host Integration Server 2004 SP1, Visual FoxPro 8.0 SP1, Visual FoxPro 9.0 SP2, and Visual Basic 6.0 Runtime allows remote attackers to execute arbitrary code via a crafted (1) document or (2) web page that triggers system-state corruption, aka "MSCOMCTL.OCX RCE Vulnerability."
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Office系列软件 TabStrip ActiveX控件代码注入漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
多款产品中的MSCOMCTL.OCX中的Common Controls内的TabStrip ActiveX控件中存在漏洞。远程攻击者可利用该漏洞通过特制的(1)文档或(2)web页面,触发系统状态破坏,执行任意代码。又名‘MSCOMCTL.OCX RCE漏洞’。以下产品中存在漏洞:Office 2003 SP3,Office 2003 Web Components SP3, Office 2007 SP2和SP3,Office 2010 SP1,SQL Server 2000 SP4,SQL Server
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Shenlong Deep Dive — AI Deep Analysis

10-question deep dive: root cause, exploitation, mitigation, urgency. Read summary free, full version requires login.

Read summary Full analysis (login)

Affected Products

VendorProductAffected VersionsCPESubscribe
-n/a n/a -

II. Public POCs for CVE-2012-1856

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2012-1856

登录查看更多情报信息。

Same Patch Batch · n/a · 2012-08-15 · 52 CVEs total

CVE-2012-4159Adobe Reader/Acrobat 缓冲区溢出漏洞
CVE-2012-2527Microsoft Windows 资源管理错误漏洞
CVE-2012-2526Microsoft Windows XP SP3 远程桌面协议漏洞
CVE-2012-1888Microsoft Visio 缓冲区溢出漏洞
CVE-2012-2523Microsoft Internet Explorer 数字错误漏洞
CVE-2012-2522Microsoft Internet Explorer 代码注入漏洞
CVE-2012-2521Microsoft Internet Explorer 代码注入漏洞
CVE-2012-2524Microsoft Office CGM 缓冲区溢出漏洞
CVE-2012-4161Adobe Reader/Acrobat 缓冲区溢出漏洞
CVE-2012-4160Adobe Reader/Acrobat 缓冲区溢出漏洞
CVE-2012-4162Adobe Reader/Acrobat 缓冲区溢出漏洞
CVE-2012-4158Adobe Reader/Acrobat 缓冲区溢出漏洞
CVE-2012-4157Adobe Reader/Acrobat 缓冲区溢出漏洞
CVE-2012-4156Adobe Reader/Acrobat 缓冲区溢出漏洞
CVE-2012-4155Adobe Reader/Acrobat 缓冲区溢出漏洞
CVE-2012-4154Adobe Reader/Acrobat 缓冲区溢出漏洞
CVE-2012-4153Adobe Reader/Acrobat 缓冲区溢出漏洞
CVE-2012-4152Adobe Reader/Acrobat 缓冲区溢出漏洞
CVE-2012-4151Adobe Reader/Acrobat 缓冲区溢出漏洞
CVE-2012-4150Adobe Reader/Acrobat 缓冲区溢出漏洞

Showing top 20 of 52 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a
Same vendor: n/a

V. Comments for CVE-2012-1856

No comments yet

Leave a comment