CVE-2012-1854

10.07.2012, 21:55

Untrusted search path vulnerability in VBE6.dll in Microsoft Office 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1; Microsoft Visual Basic for Applications (VBA); and Summit Microsoft Visual Basic for Applications SDK allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains a .docx file, aka "Visual Basic for Applications Insecure Library Loading Vulnerability," as exploited in the wild in July 2012.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	7.8 HIGH	LOCAL	LOW	NONE	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Base Score

CVSS 3.x

EPSS Score

Percentile: Unknown

Affected Products (NVD)

Vendor	Product	Version
microsoft	visual_basic_for_applications	*
microsoft	visual_basic_for_applications_sdk	*

𝑥

= Vulnerable software versions

Common Weakness Enumeration

CWE-426 - Untrusted Search Path
The application searches for critical resources using an externally-supplied search path that can point to resources that are not under the application's direct control.

Vulnerability Media Exposure

References

http://www.us-cert.gov/cas/techalerts/TA12-192A.html

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-046

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14950

http://www.us-cert.gov/cas/techalerts/TA12-192A.html

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-046

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14950

https://learn.microsoft.com/en-us/security-updates/SecurityBulletins/2012/ms12-046

https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2012-1854