⚠ Actively exploited
Added to CISA KEV on 2022-03-28. Federal agencies required to patch by 2022-04-18. Required action: Apply updates per vendor instructions.

CVE-2012-2539: Out-of-bounds Write in Microsoft Office Web Apps

Severity
7.8 HIGH (NVD)
EPSS
84.4% (top 0.67%)
CISA KEV
KEV listed; added 2022-03-28, due 2022-04-18
Exploit
Exploited in the wild; active exploitation observed
Timeline
Published: Dec 12, 2012
KEV added: Mar 28, 2022
KEV due: Apr 18, 2022
Latest update: May 14, 2022
CISA Required Action: Apply updates per vendor instructions.

Description

Microsoft Word 2003 SP3, 2007 SP2 and SP3, and 2010 SP1; Word Viewer; Office Compatibility Pack SP2 and SP3; and Office Web Apps 2010 SP1 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted RTF data, aka "Word RTF 'listoverridecount' Remote Code Execution Vulnerability."

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Exploitability: 1.8 | Impact: 5.9

Affected Packages (3 packages)

NVD: microsoft/word, versions 2003, 2007, 2010 (+2 more)

Patches

🔴 Vulnerability Details (3)

GHSA
GHSA-x5wq-5f2r-gxw5: Microsoft Word 2003 SP3, 2007 SP2 and SP3, and 2010 SP1; Word Viewer; Office Compatibility Pack SP2 and SP3; and Office Web Apps 2010 SP1 allow remote… (2022-05-14)
CVEList
CVE-2012-2539: Microsoft Word 2003 SP3, 2007 SP2 and SP3, and 2010 SP1; Word Viewer; Office Compatibility Pack SP2 and SP3; and Office Web Apps 2010 SP1 allow remote… (2012-12-12)
VulnCheck
Microsoft Word Remote Code Execution Vulnerability (2012)

🔍 Detection Rules (1)

Suricata
ET WEB_CLIENT Microsoft Rich Text File .RTF File download with invalid listoverridecount (2012-12-12)

📋 Vendor Advisories (1)

CISA
Microsoft Word Remote Code Execution Vulnerability (2022-03-28)

🕵️ Threat Intelligence (1)

Talos
CVE-2014-1761, Oh did you mean CVE-2012-2539? (2014-04-08)
CVE-2012-2539 — Out-of-bounds Write in Microsoft | cvebase