CVE-2012-2526

Windows XP SP3 - Remote Code Execution via Crafted RDP Packets

Title source: llm
STIX 2.1

Description

The Remote Desktop Protocol (RDP) implementation in Microsoft Windows XP SP3 does not properly process packets in memory, which allows remote attackers to execute arbitrary code by sending crafted RDP packets triggering access to a deleted object, aka "Remote Desktop Protocol Vulnerability."

References (3)

Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15650
Third Party Advisory, US Government Resource third-party-advisory x_refsource_cert
http://www.us-cert.gov/cas/techalerts/TA12-227A.html

Scores

EPSS 0.2511
EPSS Percentile 97.7%

Details

CWE
CWE-94
Status published
Products (1)
microsoft/windows_xp
Published Aug 15, 2012
Tracked Since Feb 18, 2026