Remote Code Execution Vulnerability in Microsoft Word for Windows 6.0 Converter
CVE-2004-0571

Currently unrated

Key Information:

Vendor: Microsoft
Status: Windows Nt; Windows Xp; Windows 2003 Server; Windows 2000
Vendor: CVE Published:; 10 January 2005

Summary

The Microsoft Word for Windows 6.0 Converter suffers from a vulnerability due to improper validation of data lengths, potentially allowing remote attackers to execute arbitrary code. This can occur when a user interacts with specially crafted .wri, .rtf, or .doc files sent through email or hosted on malicious websites. Users are urged to apply security updates to mitigate the risk associated with this vulnerability.

References

https://oval.cisecurity.org/repository/search/definition/...

vdb-entrysignaturex_refsource_OVAL

https://oval.cisecurity.org/repository/search/definition/...

vdb-entrysignaturex_refsource_OVAL

https://exchange.xforce.ibmcloud.com/vulnerabilities/18337

vdb-entryx_refsource_XF

EPSS Score

23% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Jan 10, 2005
Vulnerability Reserved
Jun 15, 2004