Microsoft Windows Common Controls ActiveX Control CVE-2012-1856 Remote Code Execution Vulnerability

Microsoft Windows Common Controls is prone to a remote code-execution vulnerability.

An attacker can exploit this issue by enticing an unsuspecting user to view a malicious webpage.

Successful exploits will allow the attacker to execute arbitrary code within the context of the application (typically Internet Explorer) that uses the ActiveX control.

Information

Bugtraq ID: 54948
Class: Design Error
CVE: CVE-2012-1856

Remote: Yes
Local: No
Published: Aug 14 2012 12:00AM
Updated: Nov 07 2018 08:00AM
Credit: Microsoft
Vulnerable: Microsoft Visual FoxPro 9.0 SP2
Microsoft Visual FoxPro 8.0 SP1
Microsoft Visual Basic 6.0 Runtime 0
Microsoft SQL Server 2008 x64 SP3
Microsoft SQL Server 2008 x64 SP2
Microsoft SQL Server 2008 x64 R2
Microsoft SQL Server 2008 itanium SP3
Microsoft SQL Server 2008 itanium SP2
Microsoft SQL Server 2008 itanium R2
Microsoft SQL Server 2008 32bit SP3
Microsoft SQL Server 2008 32bit SP2
Microsoft SQL Server 2008 32bit R2
Microsoft SQL Server 2008 R2 SP1
Microsoft SQL Server 2008 R2
Microsoft SQL Server 2005 x64 Edition SP4
Microsoft SQL Server 2005 Itanium Edition SP4
Microsoft SQL Server 2005 Express Edition with Advanced Serv SP4
Microsoft SQL Server 2005 Express Edition with Advanced Serv SP3
Microsoft SQL Server 2005 Express Edition with Advanced Serv SP2
Microsoft SQL Server 2005 Express Edition with Advanced Serv SP1
Microsoft SQL Server 2005 SP4
Microsoft SQL Server 2000 Analysis Services SP4 0
Microsoft SQL Server 2000 SP4
Microsoft Office 2010 (32-bit edition) SP1
Microsoft Office 2007 SP3
Microsoft Office 2007 SP2
Microsoft Office 2003 Web Components SP3
Microsoft Office 2003 SP3
Microsoft Host Integration Server 2004 SP1
Microsoft Commerce Server 2009 R2
- Microsoft Windows 2000 Advanced Server SP2
- Microsoft Windows 2000 Server SP2
Microsoft Commerce Server 2009 0
- Microsoft Windows 2000 Advanced Server SP2
- Microsoft Windows 2000 Server SP2
Microsoft Commerce Server 2007 SP2
- Microsoft Windows 2000 Advanced Server SP2
- Microsoft Windows 2000 Server SP2
Microsoft Commerce Server 2002 SP4
Microsoft BizTalk Server 2002 SP1
- Microsoft Windows 2000 Advanced Server SP2
- Microsoft Windows 2000 Advanced Server SP1
- Microsoft Windows 2000 Advanced Server
- Microsoft Windows 2000 Server SP2
- Microsoft Windows 2000 Server SP1
- Microsoft Windows 2000 Server

Not Vulnerable:

Exploit

A working commercial exploit is available through VUPEN Security - Exploit and PoCs Service.
Microsoft has reported that this issue is being exploited in the wild in limited and targeted attacks.

References:

• Microsoft Homepage (Microsoft)
  
• Microsoft Knowledge Base Article 240797 (Microsoft)
  
• VUPEN Security Research - Microsoft Windows Common Controls MSCOMCTL.OCX Use-aft (Nicolas Joly)
  
• Inception Attackers Target Europe with Year-old Office Vulnerability (Palo Alto Networks)
  
• Microsoft Security Bulletin MS12-060 (Microsoft)
  
• MS12-060: Addressing a vulnerability in MSCOMCTL.OCX's TabStrip control (Microsoft)
  

Source: www.securityfocus.com