CVE-2004-0571

3 documents3 sources

Severity

10.0CRITICAL

EPSS

25.8%

top 3.74%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Microsoft Windows 2003 Server Microsoft Windows NT

Timeline

PublishedJan 10

Latest updateApr 29

Description

Microsoft Word for Windows 6.0 Converter does not properly validate certain data lengths, which allows remote attackers to execute arbitrary code via a .wri, .rtf, and .doc file sent by email or malicious web site, aka "Table Conversion Vulnerability," a different vulnerability than CVE-2004-0901.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages2 packages

▶NVDmicrosoft/windows_nt4.0

▶NVDmicrosoft/windows_2003_server5 versions+4

🔴Vulnerability Details

GHSA

GHSA-596g-qg9p-5mvj: Microsoft Word for Windows 6↗2022-04-29

▶

CVEList

CVE-2004-0571: Microsoft Word for Windows 6↗2004-12-15

▶