← ExploitWatch
HomeExploited Vulnerabilities

CVE-2012-1856 — Actively Exploited: Office (Microsoft)

The TabStrip ActiveX control in the Common Controls in MSCOMCTL.OCX in Microsoft Office allows remote attackers to execute arbitrary code via a crafted (1) document or (2) web page that triggers system-state corruption.

CVE IDCVE-2012-1856
VendorMicrosoft
ProductOffice
Vulnerability nameMicrosoft Office MSCOMCTL.OCX Remote Code Execution Vulnerability
Date added2022-03-03
Remediation due2022-03-24
Known ransomware useUnknown
Required actionApply updates per vendor instructions.
DescriptionThe TabStrip ActiveX control in the Common Controls in MSCOMCTL.OCX in Microsoft Office allows remote attackers to execute arbitrary code via a crafted (1) document or (2) web page that triggers system-state corruption.
SourceCISA Known Exploited Vulnerabilities

🔍 Search all exploited vulnerabilities →