CVE-2012-1856

The TabStrip ActiveX control in the Common Controls in MSCOMCTL.OCX in Microsoft Office allows remote attackers to execute arbitrary code via a crafted (1) document or (2) web page that triggers system-state corruption. Vendor/Product: Microsoft Office. Added to CISA KEV 2022-03-03; required action: Apply updates per vendor instructions.