CVE-2012-1856 — Actively Exploited: Office (Microsoft)
The TabStrip ActiveX control in the Common Controls in MSCOMCTL.OCX in Microsoft Office allows remote attackers to execute arbitrary code via a crafted (1) document or (2) web page that triggers system-state corruption.
| CVE ID | CVE-2012-1856 |
|---|---|
| Vendor | Microsoft |
| Product | Office |
| Vulnerability name | Microsoft Office MSCOMCTL.OCX Remote Code Execution Vulnerability |
| Date added | 2022-03-03 |
| Remediation due | 2022-03-24 |
| Known ransomware use | Unknown |
| Required action | Apply updates per vendor instructions. |
| Description | The TabStrip ActiveX control in the Common Controls in MSCOMCTL.OCX in Microsoft Office allows remote attackers to execute arbitrary code via a crafted (1) document or (2) web page that triggers system-state corruption. |
| Source | CISA Known Exploited Vulnerabilities |
🔍 Search all exploited vulnerabilities →
$1499/mo
Try ExploitWatch →