Microsoft Word RTF 'listoverridecount' Remote Code Execution Vulnerability (CVE-2012-2539)

  Severity: CRITICAL
  CVE Identifier: CVE-2012-2539,MS12-079
  Advisory Date: JUL 21, 2015

  DESCRIPTION

Microsoft Word 2003 SP3, 2007 SP2 and SP3, and 2010 SP1; Word Viewer; Office Compatibility Pack SP2 and SP3; and Office Web Apps 2010 SP1 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted RTF data, aka "Word RTF 'listoverridecount' Remote Code Execution Vulnerability."

  TREND MICRO PROTECTION INFORMATION

Apply associated Trend Micro DPI Rules.

  SOLUTION

  Trend Micro Deep Security DPI Rule Number: 1005271
  Trend Micro Deep Security DPI Rule Name: 1005271 - Microsoft Word RTF 'listoverridecount' Remote Code Execution Vulnerability (CVE-2012-2539)

  AFFECTED SOFTWARE AND VERSION

  • microsoft office_compatibility_pack
  • microsoft office_web_apps 2010
  • microsoft office_word_viewer
  • microsoft word 2003
  • microsoft word 2007
  • microsoft word 2010
  • Microsoft Word