NVD disclosure day

Published threat advisories for April 10, 2012

CVE advisoryKnown Exploit

CVE-2012-0158

Microsoft ActiveX Control Code Execution Vulnerability.

Halo Surface Signal: 3 out of 5 — possibly public-facing.

Certain Microsoft ActiveX controls can allow remote attackers to execute arbitrary code via crafted websites or documents. This impacts organizations using specific Microsoft Office and related products, posing a risk of system compromise and unauthorized access. The realistic business risk involves potential data brea

NVD published: • CISA KEV
CVE advisoryKnown Exploit

CVE-2012-0151

Microsoft Windows Code Execution Vulnerability

Halo Surface Signal: 1 out of 5 — much less likely to be public-facing.

A flaw in Microsoft Windows' signature verification function allows for arbitrary code execution when a user opens a modified file. This impacts organizations by enabling attackers to run malicious code on affected systems, posing a business risk. The vulnerability requires user interaction to exploit.

NVD published: • CISA KEV