CVE-2012-0158

Summary

CVE-2012-0158 is a remote code execution vulnerability affecting the ListView, ListView2, TreeView, and TreeView2 ActiveX controls in various Microsoft products, including Office 2003, 2007, and 2010, SQL Server 2000, BizTalk Server 2002, Commerce Server 2002 and 2009, Visual FoxPro 8.0 and 9.0, and Visual Basic 6.0 Runtime. An attacker can exploit this issue by creating a maliciously crafted web site, Office document, or .rtf file that triggers "system state" corruption, resulting in arbitrary code execution. This vulnerability was exploited in the wild in April 2012 and is also known as the "MSCOMCTL.OCX RCE Vulnerability."

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.