Microsoft Windows Common Controls ActiveX Control CVE-2012-1856 Remote Code Execution Vulnerability

Bugtraq ID:	54948
Class:	Design Error
CVE:	CVE-2012-1856
Remote:	Yes
Local:	No
Published:	Aug 14 2012 12:00AM
Updated:	Sep 11 2012 06:30PM
Credit:	Microsoft
Vulnerable:	Microsoft Visual FoxPro 9.0 SP2 Microsoft Visual FoxPro 8.0 SP1 Microsoft SQL Server 2008 x64 SP3 Microsoft SQL Server 2008 x64 SP2 Microsoft SQL Server 2008 x64 R2 Microsoft SQL Server 2008 itanium SP3 Microsoft SQL Server 2008 itanium SP2 Microsoft SQL Server 2008 itanium R2 Microsoft SQL Server 2008 32-bit SP3 Microsoft SQL Server 2008 32-bit SP2 Microsoft SQL Server 2008 32-bit R2 Microsoft SQL Server 2008 R2 SP1 Microsoft SQL Server 2008 R2 Microsoft SQL Server 2005 x64 Edition SP4 Microsoft SQL Server 2005 Itanium Edition SP4 Microsoft SQL Server 2005 Express Edition with Advanced Serv SP4 Microsoft SQL Server 2005 Express Edition with Advanced Serv SP3 Microsoft SQL Server 2005 Express Edition with Advanced Serv SP2 Microsoft SQL Server 2005 Express Edition with Advanced Serv SP1 Microsoft SQL Server 2005 SP4 Microsoft SQL Server 2000 SP4 Microsoft Office 2010 (32-bit edition) SP1 Microsoft Office 2007 SP3 Microsoft Office 2007 SP2 Microsoft Office 2003 Web Components SP3 Microsoft Office 2003 SP3 Microsoft Host Integration Server 2004 SP1 Microsoft Commerce Server 2009 R2 - Microsoft Windows 2000 Advanced Server SP2 - Microsoft Windows 2000 Server SP2 Microsoft Commerce Server 2009 0 - Microsoft Windows 2000 Advanced Server SP2 - Microsoft Windows 2000 Server SP2 Microsoft Commerce Server 2007 SP2 - Microsoft Windows 2000 Advanced Server SP2 - Microsoft Windows 2000 Server SP2 Microsoft Commerce Server 2002 SP4 Microsoft BizTalk Server 2002 SP1 - Microsoft Windows 2000 Advanced Server SP2 - Microsoft Windows 2000 Advanced Server SP1 - Microsoft Windows 2000 Advanced Server - Microsoft Windows 2000 Server SP2 - Microsoft Windows 2000 Server SP1 - Microsoft Windows 2000 Server

Not Vulnerable: