NVD

Id
42305  
Name
CVE-2012-0165  
Description
GDI+ in Microsoft Windows Vista SP2 and Server 2008 SP2 and Office 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1 does not properly validate record types in EMF images, which allows remote attackers to execute arbitrary code via a crafted image, aka "GDI+ Record Type Vulnerability."  
Reject
 
CVSS Version
2  
CVSS Score
9.3  
Severity
High  
CVSS Base Score
9.3  
CVSS Impact Subscore
10  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:C/I:C/A:C)  
Pub Date
2017-01-19  
Published
2012-05-08  
Modified Date
2013-01-29  
Seq
2012-0165  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
213471 42305 CVE-2012-0165 oval:org.mitre.oval:def:15621  View
213472 42305 CVE-2012-0165 MS12-034  View
213473 42305 CVE-2012-0165 53347  View
213474 42305 CVE-2012-0165 1027038  View
213475 42305 CVE-2012-0165 TA12-129A  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
26655 JVNDB-2012-002362 複数の Microsoft 製品の GDI+ における任意のコードを実行される脆弱性 複数の Microsoft 製品の GDI+ は、EMF イメージのレコードの種類を適切に検証しないため、任意のコードを実行される脆弱性が存在します。 CVE-2012-0165 53403 CVE-2012-0165 42305 9.3 http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002362.html 2012-05-08 2012-05-10 View