CVE-2012-0158

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Apr 10, 2012

Updated: Dec 19, 2024

CWE ID 94

Summary

CVE-2012-0158 is a remote code execution vulnerability affecting the ListView, ListView2, TreeView, and TreeView2 ActiveX controls in various Microsoft products, including Office 2003, 2007, and 2010, SQL Server 2000-2008, BizTalk Server 2002-2009, Visual FoxPro 8.0 and 9.0, and Visual Basic 6.0 Runtime. The vulnerability is triggered when these controls fail to properly handle "system state" corruption, which can be exploited through a crafted web site, Office document, or .rtf file. In April 2012, this vulnerability was actively exploited in the wild, making it a significant security risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

Microsoft SQL Server
Microsoft Office
Microsoft Commerce Server
Visual FoxPro
Microsoft Visual Basic

Affected Vendors

Microsoft

Advisories, Assessments, and Mitigations

Back to Vulnerability Database