CVE-2012-1856: Microsoft Office MSCOMCTL.OCX Remote Code Execution
Microsoft Office MSCOMCTL.OCX Remote Code Execution Vulnerability. The TabStrip ActiveX control in the Common Controls in MSCOMCTL.OCX in Microsoft Office allows remote attackers to execute arbitrary code via a crafted (1) document or (2) web page that triggers system-state corruption.
- CISA KEV-listed (remediation due 2022-03-24)
- EPSS 91.6% (99.7% percentile)