CVE-2012-1854 — HIGH (7.8) — White Hats Nepal

Vulnerability Description

Untrusted search path vulnerability in VBE6.dll in Microsoft Office 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1; Microsoft Visual Basic for Applications (VBA); and Summit Microsoft Visual Basic for Applications SDK allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains a .docx file, aka "Visual Basic for Applications Insecure Library Loading Vulnerability," as exploited in the wild in July 2012.

CVSS Score

7.8

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Microsoft	Office	2003
Microsoft	Visual Basic For Applications	All versions
Microsoft	Visual Basic For Applications Sdk	All versions

Related Weaknesses (CWE)

CWE-426

References

http://www.us-cert.gov/cas/techalerts/TA12-192A.htmlUS Government Resource
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-04MitigationVendor Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Broken Link
http://www.us-cert.gov/cas/techalerts/TA12-192A.htmlUS Government Resource
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-04MitigationVendor Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Broken Link
https://learn.microsoft.com/en-us/security-updates/SecurityBulletins/2012/ms12-0MitigationVendor Advisory
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2012-US Government Resource

FAQ

What is CVE-2012-1854?

CVE-2012-1854 is a vulnerability with a CVSS score of 7.8 (HIGH). Untrusted search path vulnerability in VBE6.dll in Microsoft Office 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1; Microsoft Visual Basic for Applications (VBA); and Summit Microsoft Visual Basic ...

How severe is CVE-2012-1854?

CVE-2012-1854 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2012-1854?

Check the references section above for vendor advisories and patch information. Affected products include: Microsoft Office, Microsoft Visual Basic For Applications, Microsoft Visual Basic For Applications Sdk.