CVE-2012-2526
Windows XP SP3 - Remote Code Execution via Crafted RDP Packets
Title source: llmDescription
The Remote Desktop Protocol (RDP) implementation in Microsoft Windows XP SP3 does not properly process packets in memory, which allows remote attackers to execute arbitrary code by sending crafted RDP packets triggering access to a deleted object, aka "Remote Desktop Protocol Vulnerability."
References (3)
Core 3
Core References
Vendor Advisory vendor-advisory
x_refsource_ms
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-053
Third Party Advisory, VDB Entry vdb-entry
signature
x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15650
Third Party Advisory, US Government Resource third-party-advisory
x_refsource_cert
http://www.us-cert.gov/cas/techalerts/TA12-227A.html
Scores
EPSS
0.2511
EPSS Percentile
97.7%
Details
CWE
CWE-94
Status
published
Products (1)
microsoft/windows_xp
Published
Aug 15, 2012
Tracked Since
Feb 18, 2026