cbcvebase.
CVE-2012-0182
published 2012-10-09

CVE-2012-0182: Microsoft Word 2007 SP2 and SP3 does not properly handle memory during the parsing of Word documents, which allows remote attackers to execute arbitrary code…

PriorityP262critical9.3CVSS 2.0
AVNACMAuNCCICAC
EPSS
68.32%
99.2th percentile
Microsoft Word 2007 SP2 and SP3 does not properly handle memory during the parsing of Word documents, which allows remote attackers to execute arbitrary code via a crafted document, aka "Word PAPX Section Corruption Vulnerability."

Affected

1 ranges
VendorProductVersion rangeFixed in
microsoftword

Detection & IOCsextracted from sources · hover to see the quote

  • CVE-2012-0182 is exploited via a specially crafted Word document targeting Microsoft Word 2007 SP2/SP3; detection should focus on malformed PAPX section parsing in .doc files delivered to vulnerable Word versions.
  • CVE-2012-0182 was used as part of infection chains requiring no user interaction beyond opening a malicious document — monitor for Word process spawning unexpected child processes or network connections.
  • Affected software scope for CVE-2012-0182 includes Microsoft Office 2003, 2007, 2010, Word Viewer, Office Compatibility Pack, SharePoint Server 2010, and Office Web Apps 2010 — prioritize detection on these platforms.
  • ·CVE-2012-0182 specifically affects Word 2007 SP2 and SP3; other Office versions listed under MS12-064 may be affected by the companion CVE-2012-2528 (RTF listid UAF) rather than the PAPX corruption bug — verify affected version before applying detections.
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.