Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-0173

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2012-0173
Last Modified 06 Mar 2013 11:50:44
Published 12 Jun 2012 06:55:01
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2012-0173

Summary

The Remote Desktop Protocol (RDP) implementation in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly process packets in memory, which allows remote attackers to execute arbitrary code by sending crafted RDP packets triggering access to an object that (1) was not properly initialized or (2) is deleted, aka "Remote Desktop Protocol Vulnerability," a different vulnerability than CVE-2012-0002.

Vulnerable Systems

Operating System

  • Microsoft Windows 7

  • Microsoft Windows Server 2003

  • Microsoft Windows Server 2008

  • Microsoft Windows Server 2008 -

  • Microsoft Windows Server 2008 R2

  • Microsoft Windows Vista

  • Microsoft Windows Xp

  • Microsoft Windows Xp -


References

MS - MS12-036

CERT - TA12-164A

Related Patches

MS12-036 Security Update for Windows Server 2003 (KB2685939)

MS12-036 Security Update for Windows Server 2008 (KB2685939)

MS12-036 Security Update for Windows Vista (KB2685939)

MS12-036 Security Update for Windows XP (KB2685939)

MS12-036 Security Update for Windows 7 (KB2685939)

MS12-036 Security Update for Windows Vista x64 (KB2685939)

MS12-036 Security Update for Windows Server 2003 x64 (KB2685939)

MS12-036 Security Update for Windows Server 2008 x64 (KB2685939)

MS12-036 Security Update for Windows Server 2008 R2 x64 (KB2685939)

MS12-036 Security Update for Windows 7 x64 (KB2685939)


Last Updated: 27 May 2016 10:47:11