(MS12-060) Vulnerability in Windows Common Controls Could Allow Remote Code Execution (2720573)
Publish date: 15 de agosto de 2012
Gravedad: Crítico
Identificadores de CVE : CVE-2012-1856
Fecha recomendada: 15 de agosto de 2012
Descripción
This update resolves a vulnerability in MSCOMCTL.OCX, which is found in a host of Microsoft products. When successfully exploited, the vulnerability allows an attacker to remotely execute any code on the vulnerable system. Some of the affected MS products are:
- MS Visual FoxPro
- MS Commerce Server
- MS SQL Server
- MS Office
Soluciones
Software y versión afectados
- Microsoft Office 2003 Service Pack 3
- Microsoft Office 2003 Web Components Service Pack 3
- Microsoft Office 2007 Service Pack 2
- Microsoft Office 2007 Service Pack 3
- Microsoft Office 2010 Service Pack 1 (32-bit Editions)
- Microsoft SQL Server 2000 Service Pack 4
- Microsoft SQL Server 2005 Express Edition with Advanced Services Service Pack 4 (Microsoft SQL Server 2000)
- Microsoft SQL Server 2005 for x64-based Systems Service Pack 4 (Microsoft SQL Server 2000)
- Microsoft SQL Server 2008 for 32-bit Systems Service Pack 3 (Microsoft SQL Server 2008)
- Microsoft SQL Server 2008 for x64-based Systems Service Pack 3 (Microsoft SQL Server 2008)
- Microsoft SQL Server 2008 for Itanium-based Systems Service Pack 2 (Microsoft SQL Server 2008)
- Microsoft SQL Server 2008 for Itanium-based Systems Service Pack 3 (Microsoft SQL Server 2008)
- Microsoft SQL Server 2008 R2 for 32-bit Systems (Microsoft SQL Server 2008)
- Microsoft SQL Server 2008 R2 for Itanium-based Systems Service Pack 2 (Microsoft SQL Server 2008)
- Microsoft Commerce Server 2002 Service Pack 4
- Microsoft SQL Server 2000 Analysis Services Service Pack 4 (Microsoft SQL Server 2000)
- Microsoft SQL Server 2005 for 32-bit Systems Service Pack 4 (Microsoft SQL Server 2000)
- Microsoft SQL Server 2005 for Itanium-based Systems Service Pack 4 (Microsoft SQL Server 2000)
- Microsoft SQL Server 2008 for 32-bit Systems Service Pack 2 (Microsoft SQL Server 2008)
- Microsoft SQL Server 2008 for x64-based Systems Service Pack 2 (Microsoft SQL Server 2008)
- Microsoft SQL Server 2008 R2 for 32-bit Systems Service Pack 1 (Microsoft SQL Server 2008)
- Microsoft SQL Server 2008 R2 for 32-bit Systems Service Pack 2 (Microsoft SQL Server 2008)
- Microsoft SQL Server 2008 R2 for x64-based Systems (Microsoft SQL Server 2008)
- Microsoft SQL Server 2008 R2 for x64-based Systems Service Pack 1 (Microsoft SQL Server 2008)
- Microsoft SQL Server 2008 R2 for x64-based Systems Service Pack 2 (Microsoft SQL Server 2008)
- Microsoft SQL Server 2008 R2 for Itanium-based Systems (Microsoft SQL Server 2008)
- Microsoft SQL Server 2008 R2 for Itanium-based Systems Service Pack 1 (Microsoft SQL Server 2008)
- Microsoft Commerce Server 2007 Service Pack 2
- Microsoft Commerce Server 2009
- Microsoft Commerce Server 2009 R2
- Microsoft Host Integration Server 2004 Service Pack 1
- Microsoft Visual FoxPro 8.0 Service Pack 1
- Microsoft Visual FoxPro 9.0 Service Pack 2
- Visual Basic 6.0 Runtime