Description

Microsoft Word 2003 SP3, 2007 SP2 and SP3, and 2010 SP1; Word Viewer; Office Compatibility Pack SP2 and SP3; and Office Web Apps 2010 SP1 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted RTF data, aka "Word RTF 'listoverridecount' Remote Code Execution Vulnerability."

Remediation

References

CVE-2012-2539

Related Vulnerabilities

Joomla! Core 3.x.x Local File Inclusion (3.0.0 - 3.9.25)

WordPress Plugin WordPress Photo Gallery by Gallery Bank Multiple Cross-Site Scripting Vulnerabilities (2.0.19)

WordPress Plugin Spam protection, AntiSpam, FireWall by CleanTalk Cross-Site Scripting (5.127.3)

Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-1830)

WordPress Plugin Spreadsheet (wpSS) 'ss_id' Parameter SQL Injection (0.61)

Severity

High

Classification

CVE-2012-2539 CWE-787 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities