Rapid7 VulnDB

MS12-020: Vulnerabilities in Remote Desktop Could Allow Remote Code Execution (2671387)

Back to Search

MS12-020: Vulnerabilities in Remote Desktop Could Allow Remote Code Execution (2671387)

Severity
9
CVSS
(AV:N/AC:M/Au:N/C:C/I:C/A:C)
Published
03/13/2012
Created
07/25/2018
Added
03/13/2012
Modified
06/26/2015

Description

This security update resolves two privately reported vulnerabilities in the Remote Desktop Protocol. The more severe of these vulnerabilities could allow remote code execution if an attacker sends a sequence of specially crafted RDP packets to an affected system. By default, the Remote Desktop Protocol (RDP) is not enabled on any Windows operating system. Systems that do not have RDP enabled are not at risk.

Solution(s)

  • WINDOWS-HOTFIX-MS12-020-0e91b461-49d8-4652-9dd8-99141cc3e7d1
  • WINDOWS-HOTFIX-MS12-020-20c90741-ca52-46d3-810c-0343e320152b
  • WINDOWS-HOTFIX-MS12-020-21160242-6971-4452-9797-61afd0dcba89
  • WINDOWS-HOTFIX-MS12-020-234da310-0c49-4d3a-b987-c8c9fa15002b
  • WINDOWS-HOTFIX-MS12-020-3501ec46-e05a-4ffb-ad98-8b9f480b0547
  • WINDOWS-HOTFIX-MS12-020-48859be4-1331-4cd2-8e70-3b537180a0d0
  • WINDOWS-HOTFIX-MS12-020-4930435-legacy
  • WINDOWS-HOTFIX-MS12-020-4930445-legacy
  • WINDOWS-HOTFIX-MS12-020-4e77d891-084e-440d-95bc-42b26c1f7077
  • WINDOWS-HOTFIX-MS12-020-5780229-legacy
  • WINDOWS-HOTFIX-MS12-020-5780231-legacy
  • WINDOWS-HOTFIX-MS12-020-65bdbf06-6ef3-48fe-86bf-1105c9f1f11a
  • WINDOWS-HOTFIX-MS12-020-6616ac60-d0df-4e7e-afc8-99e7f201a638
  • WINDOWS-HOTFIX-MS12-020-6725e54e-bac1-43fe-84d0-4fbbe62e1483
  • WINDOWS-HOTFIX-MS12-020-81e32f92-a9f7-45c0-8988-107735791991
  • WINDOWS-HOTFIX-MS12-020-9914cd71-3e2f-43cb-b175-d4cfe202dcbc
  • WINDOWS-HOTFIX-MS12-020-9d7c1bd7-620c-4e8b-9574-4c5f9b08cef2
  • WINDOWS-HOTFIX-MS12-020-a695f2a5-cc3d-4b40-97b9-cc90eb58eab3
  • WINDOWS-HOTFIX-MS12-020-af83d686-6c2d-40fb-8bbb-fce30cb663b4
  • WINDOWS-HOTFIX-MS12-020-b1b51dd8-0fc5-42fe-8bee-b175502338fb
  • WINDOWS-HOTFIX-MS12-020-b5e9d02f-0020-4732-a0ab-5e88fdd825f4
  • WINDOWS-HOTFIX-MS12-020-b9866145-a3ec-4b3c-a3d2-7203f04df9fd
  • WINDOWS-HOTFIX-MS12-020-bc6165d9-4392-472d-a03d-fdc541a41d6e
  • WINDOWS-HOTFIX-MS12-020-c0c27031-ec0f-49f6-91be-82dd32801d14
  • WINDOWS-HOTFIX-MS12-020-c80c765b-fa42-42b4-968a-4a9a64abbd5e
  • WINDOWS-HOTFIX-MS12-020-dc9ba576-22a0-4561-90f1-a37786f567ff

References

  • WINDOWS-HOTFIX-MS12-020-0e91b461-49d8-4652-9dd8-99141cc3e7d1
  • WINDOWS-HOTFIX-MS12-020-20c90741-ca52-46d3-810c-0343e320152b
  • WINDOWS-HOTFIX-MS12-020-21160242-6971-4452-9797-61afd0dcba89
  • WINDOWS-HOTFIX-MS12-020-234da310-0c49-4d3a-b987-c8c9fa15002b
  • WINDOWS-HOTFIX-MS12-020-3501ec46-e05a-4ffb-ad98-8b9f480b0547
  • WINDOWS-HOTFIX-MS12-020-48859be4-1331-4cd2-8e70-3b537180a0d0
  • WINDOWS-HOTFIX-MS12-020-4930435-legacy
  • WINDOWS-HOTFIX-MS12-020-4930445-legacy
  • WINDOWS-HOTFIX-MS12-020-4e77d891-084e-440d-95bc-42b26c1f7077
  • WINDOWS-HOTFIX-MS12-020-5780229-legacy
  • WINDOWS-HOTFIX-MS12-020-5780231-legacy
  • WINDOWS-HOTFIX-MS12-020-65bdbf06-6ef3-48fe-86bf-1105c9f1f11a
  • WINDOWS-HOTFIX-MS12-020-6616ac60-d0df-4e7e-afc8-99e7f201a638
  • WINDOWS-HOTFIX-MS12-020-6725e54e-bac1-43fe-84d0-4fbbe62e1483
  • WINDOWS-HOTFIX-MS12-020-81e32f92-a9f7-45c0-8988-107735791991
  • WINDOWS-HOTFIX-MS12-020-9914cd71-3e2f-43cb-b175-d4cfe202dcbc
  • WINDOWS-HOTFIX-MS12-020-9d7c1bd7-620c-4e8b-9574-4c5f9b08cef2
  • WINDOWS-HOTFIX-MS12-020-a695f2a5-cc3d-4b40-97b9-cc90eb58eab3
  • WINDOWS-HOTFIX-MS12-020-af83d686-6c2d-40fb-8bbb-fce30cb663b4
  • WINDOWS-HOTFIX-MS12-020-b1b51dd8-0fc5-42fe-8bee-b175502338fb
  • WINDOWS-HOTFIX-MS12-020-b5e9d02f-0020-4732-a0ab-5e88fdd825f4
  • WINDOWS-HOTFIX-MS12-020-b9866145-a3ec-4b3c-a3d2-7203f04df9fd
  • WINDOWS-HOTFIX-MS12-020-bc6165d9-4392-472d-a03d-fdc541a41d6e
  • WINDOWS-HOTFIX-MS12-020-c0c27031-ec0f-49f6-91be-82dd32801d14
  • WINDOWS-HOTFIX-MS12-020-c80c765b-fa42-42b4-968a-4a9a64abbd5e
  • WINDOWS-HOTFIX-MS12-020-dc9ba576-22a0-4561-90f1-a37786f567ff

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;