Buffer Overflow Vulnerability in Microsoft Word 6.0 Converter for Windows
CVE-2004-0901

Currently unrated

Key Information:

Vendor

Microsoft
Status
Windows Nt
Windows Xp
Windows 2003 Server
Windows 2000
Vendor
CVE Published:
10 January 2005

What is CVE-2004-0901?

The Microsoft Word for Windows 6.0 Converter component improperly validates data lengths during font conversion. This vulnerability could allow remote attackers to execute arbitrary code by sending specially crafted .wri, .rtf, or .doc files via email or from malicious websites, effectively compromising systems using affected versions of Word and WordPad.

References

https://oval.cisecurity.org/repository/search/definition/...
vdb-entrysignaturex_refsource_OVAL
https://oval.cisecurity.org/repository/search/definition/...
vdb-entrysignaturex_refsource_OVAL
http://www.ciac.org/ciac/bulletins/p-055.shtml
third-party-advisorygovernment-resourcex_refsource_CIAC

EPSS Score

26% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.