CVE-2012-0158
HIGH KEV RANSOMWARE
Microsoft Office - Code Injection
Title source: ruleDescription
The (1) ListView, (2) ListView2, (3) TreeView, and (4) TreeView2 ActiveX controls in MSCOMCTL.OCX in the Common Controls in Microsoft Office 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1; Office 2003 Web Components SP3; SQL Server 2000 SP4, 2005 SP4, and 2008 SP2, SP3, and R2; BizTalk Server 2002 SP1; Commerce Server 2002 SP4, 2007 SP2, and 2009 Gold and R2; Visual FoxPro 8.0 SP1 and 9.0 SP2; and Visual Basic 6.0 Runtime allow remote attackers to execute arbitrary code via a crafted (a) web site, (b) Office document, or (c) .rtf file that triggers "system state" corruption, as exploited in the wild in April 2012, aka "MSCOMCTL.OCX RCE Vulnerability."
Exploits (4)
exploitdb
WORKING POC
VERIFIED
by Metasploit · ruby remote windows
https://www.exploit-db.com/exploits/18780
nomisec
WRITEUP
by RobertoLeonFR-ES · poc
https://github.com/RobertoLeonFR-ES/Exploit-Win32.CVE-2012-0158.F.doc
metasploit
WORKING POC
NORMAL
by Unknown, juan vazquez, sinn3r · ruby poc win
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/fileformat/ms12_027_mscomctl_bof.rb
References (13)
Scores
CVSS v3
8.8
EPSS
0.9429
EPSS Percentile
99.9%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Details
CISA KEV
2021-11-03
VulnCheck KEV
2012-01-01
InTheWild.io
2018-10-12
ENISA EUVD
EUVD-2012-0196
Ransomware Use
Confirmed
CWE
CWE-94
Status
published
Products (16)
microsoft/biztalk_server
2002 sp1
microsoft/commerce_server
2002 sp4
microsoft/commerce_server
2007 sp2
microsoft/commerce_server_2009
microsoft/commerce_server_2009
r2
microsoft/office
2003 sp3
microsoft/office
2007 sp2 (2 CPE variants)
microsoft/office
2010 (3 CPE variants)
microsoft/office_web_components
2003 sp3
microsoft/sql_server_2000
... and 6 more
Published
Apr 10, 2012
KEV Added
Nov 03, 2021
Tracked Since
Feb 18, 2026