CVE-2012-0158

CVSS 8.8 HIGH · EPSS 100.0% · KEV · CWE-94
In short

A flaw in Microsoft's common controls (ListView, TreeView, and similar components) allows attackers to run malicious code on your computer through a rigged website, Office document, or file. This happens because the controls don't properly validate certain inputs, letting attackers corrupt system memory.

Technical detail

CVE-2012-0158 is an arbitrary code execution vulnerability in the MSCOMCTL.OCX ActiveX controls (ListView, TreeView variants) affecting multiple Microsoft products. The flaw stems from improper input validation that leads to memory corruption; attack vectors include malicious web pages, Office documents, or RTF files. Successful exploitation grants remote code execution with the user's privileges and requires no authentication or special preconditions beyond user interaction.

Summary generated and translated by AI from the official description.
The (1) ListView, (2) ListView2, (3) TreeView, and (4) TreeView2 ActiveX controls in MSCOMCTL.OCX in the Common Controls in Microsoft Office 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1; Office 2003 Web Components SP3; SQL Server 2000 SP4, 2005 SP4, and 2008 SP2, SP3, and R2; BizTalk Server 2002 SP1; Commerce Server 2002 SP4, 2007 SP2, and 2009 Gold and R2; Visual FoxPro 8.0 SP1 and 9.0 SP2; and Visual Basic 6.0 Runtime allow remote attackers to execute arbitrary code via a crafted (a) web site, (b) Office document, or (c) .rtf file that triggers "system state" corruption, as exploited in the wild in April 2012, aka "MSCOMCTL.OCX RCE Vulnerability."
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected products
n/a · n/a
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
