CVE-2004-0901
published 2005-01-10CVE-2004-0901: Microsoft Word for Windows 6.0 Converter (MSWRD632.WPC), as used in WordPad, does not properly validate certain data lengths, which allows remote attackers to…
PriorityP347critical10CVSS 2.0
AVNACLAuNCCICAC
EPSS
31.05%
98.0th percentile
Microsoft Word for Windows 6.0 Converter (MSWRD632.WPC), as used in WordPad, does not properly validate certain data lengths, which allows remote attackers to execute arbitrary code via a .wri, .rtf, and .doc file sent by email or malicious web site, aka "Font Conversion Vulnerability," a different vulnerability than CVE-2004-0571.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | windows_2003_server | — | — |
| microsoft | windows_2003_server | — | — |
| microsoft | windows_2003_server | — | — |
| microsoft | windows_2003_server | — | — |
| microsoft | windows_2003_server | — | — |
| microsoft | windows_nt | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-jg5g-77rp-vp26: Microsoft Word for Windows 6
ghsa_unreviewed·2022-04-29·CVSS 10.0
CVE-2004-0901 [CRITICAL] GHSA-jg5g-77rp-vp26: Microsoft Word for Windows 6
Microsoft Word for Windows 6.0 Converter (MSWRD632.WPC), as used in WordPad, does not properly validate certain data lengths, which allows remote attackers to execute arbitrary code via a .wri, .rtf, and .doc file sent by email or malicious web site, aka "Font Conversion Vulnerability," a different vulnerability than CVE-2004-0571.
GHSA
GHSA-596g-qg9p-5mvj: Microsoft Word for Windows 6
ghsa_unreviewed·2022-04-29·CVSS 10.0
CVE-2004-0571 [CRITICAL] GHSA-596g-qg9p-5mvj: Microsoft Word for Windows 6
Microsoft Word for Windows 6.0 Converter does not properly validate certain data lengths, which allows remote attackers to execute arbitrary code via a .wri, .rtf, and .doc file sent by email or malicious web site, aka "Table Conversion Vulnerability," a different vulnerability than CVE-2004-0901.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://www.ciac.org/ciac/bulletins/p-055.shtmlhttp://www.idefense.com/application/poi/display?id=162&type=vulnerabilities&flashstatus=truehttps://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-041https://exchange.xforce.ibmcloud.com/vulnerabilities/18338https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1241https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1655https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3310https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3882https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4076https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4576https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4749https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A539http://www.ciac.org/ciac/bulletins/p-055.shtmlhttp://www.idefense.com/application/poi/display?id=162&type=vulnerabilities&flashstatus=truehttps://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-041https://exchange.xforce.ibmcloud.com/vulnerabilities/18338https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1241https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1655https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3310https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3882https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4076https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4576https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4749https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A539
2005-01-10
Published