CVE-2012-0158

CISA description

Microsoft MSCOMCTL.OCX contains an unspecified vulnerability that allows for remote code execution, allowing an attacker to take complete control of an affected system under the context of the current user.

Required action

Apply updates per vendor instructions.

Notes & references

• https://nvd.nist.gov/vuln/detail/CVE-2012-0158

Where this lands in 800-53

Vulnerability data triggers these controls during assessment and continuous monitoring.

• RA-5 · Vulnerability Monitoring and Scanning
• SI-2 · Flaw Remediation
• CM-6 · Configuration Settings
• SI-7 · Software, Firmware, and Information Integrity
• CM-8 · System Component Inventory

External lookups

• NVD · CVE-2012-0158
• CVE.org · CVE-2012-0158
• CISA KEV catalog (canonical)