Vulnerability Name: CVE-2012-0002 (CCN-73541) Assigned: 2011-11-09 Published: 2012-03-13 Updated: 2020-09-28 Summary: The Remote Desktop Protocol (RDP) implementation in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly process packets in memory, which allows remote attackers to execute arbitrary code by sending crafted RDP packets triggering access to an object that (1) was not properly initialized or (2) is deleted, aka "Remote Desktop Protocol Vulnerability." Per: http://technet.microsoft.com/en-us/security/bulletin/ms12-020
"By default, the Remote Desktop Protocol is not enabled on any Windows operating system. Systems that do not have RDP enabled are not at risk. Note that on Windows XP and Windows Server 2003, Remote Assistance can enable RDP." CVSS v3 Severity: 10.0 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H )Exploitability Metrics: Attack Vector (AV): NetworkAttack Complexity (AC): LowPrivileges Required (PR): NoneUser Interaction (UI): NoneScope: Scope (S): ChangedImpact Metrics: Confidentiality (C): HighIntegrity (I): HighAvailibility (A): High
CVSS v2 Severity: 9.3 High (CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C )7.7 High (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C/E:F/RL:OF/RC:C )Exploitability Metrics: Access Vector (AV): NetworkAccess Complexity (AC): MediumAuthentication (Au): NoneImpact Metrics: Confidentiality (C): CompleteIntegrity (I): CompleteAvailibility (A): Complete
10.0 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C )8.3 High (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C/E:F/RL:OF/RC:C )Exploitability Metrics: Access Vector (AV): NetworkAccess Complexity (AC): LowAthentication (Au): NoneImpact Metrics: Confidentiality (C): CompleteIntegrity (I): CompleteAvailibility (A): Complete
Vulnerability Type: CWE-94 Vulnerability Consequences: Gain Access References: Source: MISC Type: UNKNOWNhttp://blogs.quickheal.com/remote-desktop-protocol-vulnerability-cve-2012-0002-not-dead-yet/ Source: MITRE Type: CNACVE-2012-0002 Source: CCN Type: SA48395Microsoft Windows Remote Desktop Protocol Two Vulnerabilities Source: CCN Type: Microsoft Security Bulletin MS12-020Vulnerabilities in Remote Desktop Could Allow Remote Code Execution (2671387) Source: CCN Type: IBM Security Protection AlertMicrosoft Windows Remote Desktop Protocol Code Execution Source: CCN Type: BID-52353Microsoft Remote Desktop Protocol CVE-2012-0002 Remote Code Execution Vulnerability Source: SECTRACK Type: UNKNOWN1026790 Source: CERT Type: US Government ResourceTA12-073A Source: MS Type: UNKNOWNMS12-020 Source: XF Type: UNKNOWNms-win-rdp-code-exec(73541) Source: OVAL Type: UNKNOWNoval:org.mitre.oval:def:14623 Source: CCN Type: Rapid7 Web siteMS12-020 Microsoft Remote Desktop Checker Source: CCN Type: Rapid7 Vulnerability and Exploit Database [05-30-2018]MS12-020 Microsoft Remote Desktop Checker Source: CCN Type: ZDI-12-044Microsoft Remote Desktop Protocol Channel Abort Condition Remote Code Execution Vulnerability Vulnerable Configuration: Configuration 1 :cpe:/o:microsoft:windows_7:*:*:x64:*:*:*:*:* OR cpe:/o:microsoft:windows_7:*:*:x86:*:*:*:*:* OR cpe:/o:microsoft:windows_7:*:sp1:x64:*:*:*:*:* OR cpe:/o:microsoft:windows_7:*:sp1:x86:*:*:*:*:* OR cpe:/o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:* OR cpe:/o:microsoft:windows_server_2008:*:sp2:*:*:*:*:x64:* OR cpe:/o:microsoft:windows_server_2008:*:*:*:*:*:*:x32:* OR cpe:/o:microsoft:windows_server_2008:-:sp2:itanium:*:*:*:*:* OR cpe:/o:microsoft:windows_server_2008:r2:*:*:*:*:*:itanium:* OR cpe:/o:microsoft:windows_server_2008:r2:*:*:*:*:*:x64:* OR cpe:/o:microsoft:windows_vista:*:sp2:*:*:*:*:*:* OR cpe:/o:microsoft:windows_vista:*:sp2:x64:*:*:*:*:* OR cpe:/o:microsoft:windows_xp:*:sp3:*:*:*:*:*:* OR cpe:/o:microsoft:windows_xp:-:sp2:x64:*:*:*:*:* Configuration CCN 1 :cpe:/o:microsoft:windows:server_2003:sp2:*:*:*:*:*:* OR cpe:/o:microsoft:windows:server_2003:sp2:itanium:*:*:*:*:* OR cpe:/o:microsoft:windows:server_2003:sp2:x64:*:*:*:*:* OR cpe:/o:microsoft:windows_xp::sp2:x64:*:professional:*:*:* OR cpe:/o:microsoft:windows_server_2008:*:*:*:*:*:*:x64:* OR cpe:/o:microsoft:windows:xp:sp3:*:*:*:*:*:* OR cpe:/o:microsoft:windows_vista::sp2:~~~~x64~:*:*:*:*:* OR cpe:/o:microsoft:windows_vista::sp2:*:*:*:*:*:* OR cpe:/o:microsoft:windows_server_2008:*:sp2:*:*:*:*:x32:* OR cpe:/o:microsoft:windows_7:::x32:*:*:*:*:* OR cpe:/o:microsoft:windows_server_2008:r2:*:*:*:*:*:x64:* OR cpe:/o:microsoft:windows_server_2008:r2:*:*:*:*:*:itanium:* OR cpe:/o:microsoft:windows_server_2008:*:sp2:*:*:*:*:itanium:* OR cpe:/o:microsoft:windows_7::sp1:x64:*:*:*:*:* OR cpe:/o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:* OR cpe:/o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:itanium:* Denotes that component is vulnerable Oval Definitions BACK
microsoft windows 7 *
microsoft windows 7 *
microsoft windows 7 * sp1
microsoft windows 7 * sp1
microsoft windows server 2003 * sp2
microsoft windows server 2008 * sp2
microsoft windows server 2008 * sp2
microsoft windows server 2008 - sp2
microsoft windows server 2008 r2
microsoft windows server 2008 r2
microsoft windows vista * sp2
microsoft windows vista * sp2
microsoft windows xp * sp3
microsoft windows xp - sp2
microsoft windows server_2003 sp2
microsoft windows server_2003 sp2
microsoft windows server_2003 sp2
microsoft windows xp sp2
microsoft windows server 2008 -
microsoft windows xp sp3
microsoft windows vista sp2
microsoft windows vista sp2
microsoft windows server 2008 sp2
microsoft windows 7
microsoft windows server 2008 r2
microsoft windows server 2008 r2
microsoft windows server 2008
microsoft windows 7 sp1
microsoft windows server 2008 r2
microsoft windows server 2008 r2