CVE-2012-2524

Name of the Vulnerable Software and Affected Versions Microsoft Office versions 2007 SP2 through 2007 SP3 Microsoft Office version 2010 SP1

Description A remote code execution issue exists in the way Microsoft Office handles specially crafted Computer Graphics Metafile (CGM) graphics files. This could allow an attacker to execute arbitrary code or cause a denial of service due to memory corruption. An attacker who successfully exploits this issue could take complete control of an affected system, enabling them to install programs, view, change, or delete data, or create new accounts with full user rights.

Recommendations For Microsoft Office 2007 SP2 and SP3, update to a version that is not affected by this issue. For Microsoft Office 2010 SP1, update to a version that is not affected by this issue. As a temporary workaround, consider avoiding the use of CGM files in Microsoft Office until a patch is available.