Description

Microsoft Word 2003 SP3, 2007 SP2 and SP3, and 2010 SP1; Word Viewer; Office Compatibility Pack SP2 and SP3; and Office Web Apps 2010 SP1 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted RTF data, aka "Word RTF 'listoverridecount' Remote Code Execution Vulnerability."

Remediation

References

CVE-2012-2539

Related Vulnerabilities

WordPress Plugin WP Plugin Info Card Unspecified Vulnerability (2.3.6)

Jenkins Permissions, Privileges, and Access Controls Vulnerability (CVE-2015-5323)

Joomla! Core 3.x.x Information Disclosure (3.4.0 - 3.6.5)

WordPress Plugin UpiCRM-Free WordPress CRM and Lead Management Information Disclosure (2.1.8.5)

WordPress Plugin Business Directory-Easy Listing Directories for WordPress PHP Object Injection (4.1.14)

Severity

High

Classification

CVE-2012-2539 CWE-787 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities