Vulnerabilities > CVE-2004-0901 - Unspecified vulnerability in Microsoft products
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
Microsoft Word for Windows 6.0 Converter (MSWRD632.WPC), as used in WordPad, does not properly validate certain data lengths, which allows remote attackers to execute arbitrary code via a .wri, .rtf, and .doc file sent by email or malicious web site, aka "Font Conversion Vulnerability," a different vulnerability than CVE-2004-0571.
Vulnerable Configurations
Nessus
NASL family | Windows : Microsoft Bulletins |
NASL id | SMB_NT_MS04-041.NASL |
description | The remote host contains a version of Microsoft WordPad that is vulnerable to two security flaws. To exploit these flaws an attacker would need to send a malformed Word file to a victim on the remote host and wait for him to open the file using WordPad. Opening the file with WordPad will trigger a buffer overflow that could allow an attacker to execute arbitrary code on the remote host with the privileges of the user. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 15966 |
published | 2004-12-14 |
reporter | This script is Copyright (C) 2004-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/15966 |
title | MS04-041: Vulnerabilities in WordPad (885836) |
code |
|
Oval
accepted 2014-06-30T04:00:23.792-04:00 class vulnerability contributors name Christine Walzer organization The MITRE Corporation name Andrew Buttner organization The MITRE Corporation name Robert L. Hollis organization ThreatGuard, Inc. name Josh Turpin organization Symantec Corporation name Maria Mikhno organization ALTX-SOFT
description Microsoft Word for Windows 6.0 Converter (MSWRD632.WPC), as used in WordPad, does not properly validate certain data lengths, which allows remote attackers to execute arbitrary code via a .wri, .rtf, and .doc file sent by email or malicious web site, aka "Font Conversion Vulnerability," a different vulnerability than CVE-2004-0571. family windows id oval:org.mitre.oval:def:1241 status accepted submitted 2005-01-05T12:00:00.000-04:00 title MS Word 6.0 Font Conversion Vulnerability (Windows 2000) version 13 accepted 2014-06-30T04:05:59.997-04:00 class vulnerability contributors name Christine Walzer organization The MITRE Corporation name Robert L. Hollis organization ThreatGuard, Inc. name Josh Turpin organization Symantec Corporation name Maria Mikhno organization ALTX-SOFT
description Microsoft Word for Windows 6.0 Converter (MSWRD632.WPC), as used in WordPad, does not properly validate certain data lengths, which allows remote attackers to execute arbitrary code via a .wri, .rtf, and .doc file sent by email or malicious web site, aka "Font Conversion Vulnerability," a different vulnerability than CVE-2004-0571. family windows id oval:org.mitre.oval:def:1655 status accepted submitted 2005-01-05T12:00:00.000-04:00 title MS Word 6.0 Font Conversion Vulnerability (Server 2003) version 12 accepted 2014-06-30T04:10:59.986-04:00 class vulnerability contributors name Christine Walzer organization The MITRE Corporation name Robert L. Hollis organization ThreatGuard, Inc. name John Hoyland organization Centennial Software name Jonathan Baker organization The MITRE Corporation name Josh Turpin organization Symantec Corporation name Maria Mikhno organization ALTX-SOFT
definition_extensions comment Microsoft Windows NT is installed oval oval:org.mitre.oval:def:36 description Microsoft Word for Windows 6.0 Converter (MSWRD632.WPC), as used in WordPad, does not properly validate certain data lengths, which allows remote attackers to execute arbitrary code via a .wri, .rtf, and .doc file sent by email or malicious web site, aka "Font Conversion Vulnerability," a different vulnerability than CVE-2004-0571. family windows id oval:org.mitre.oval:def:3310 status accepted submitted 2005-01-05T12:00:00.000-04:00 title MS Word 6.0 Font Conversion Vulnerability (NT 4.0) version 30 accepted 2014-06-30T04:11:00.334-04:00 class vulnerability contributors name Christine Walzer organization The MITRE Corporation name Robert L. Hollis organization ThreatGuard, Inc. name Josh Turpin organization Symantec Corporation name Maria Mikhno organization ALTX-SOFT
description Microsoft Word for Windows 6.0 Converter (MSWRD632.WPC), as used in WordPad, does not properly validate certain data lengths, which allows remote attackers to execute arbitrary code via a .wri, .rtf, and .doc file sent by email or malicious web site, aka "Font Conversion Vulnerability," a different vulnerability than CVE-2004-0571. family windows id oval:org.mitre.oval:def:3882 status accepted submitted 2005-01-05T12:00:00.000-04:00 title MS Word 6.0 Font Conversion Vulnerability (32-bit XP) version 17 accepted 2005-04-27T12:07:00.000-04:00 class vulnerability contributors name Christine Walzer organization The MITRE Corporation name Ingrid Skoog organization The MITRE Corporation name Robert L. Hollis organization ThreatGuard, Inc. name Clifford Farrugia organization GFI Software
description Microsoft Word for Windows 6.0 Converter (MSWRD632.WPC), as used in WordPad, does not properly validate certain data lengths, which allows remote attackers to execute arbitrary code via a .wri, .rtf, and .doc file sent by email or malicious web site, aka "Font Conversion Vulnerability," a different vulnerability than CVE-2004-0571. family windows id oval:org.mitre.oval:def:4076 status deprecated submitted 2005-01-05T12:00:00.000-04:00 title Suppressed: Duplicate of OVAL1655 version 7 accepted 2014-06-30T04:11:00.652-04:00 class vulnerability contributors name Christine Walzer organization The MITRE Corporation name Robert L. Hollis organization ThreatGuard, Inc. name Jonathan Baker organization The MITRE Corporation name Josh Turpin organization Symantec Corporation name Maria Mikhno organization ALTX-SOFT
definition_extensions comment Microsoft Windows NT is installed oval oval:org.mitre.oval:def:36 description Microsoft Word for Windows 6.0 Converter (MSWRD632.WPC), as used in WordPad, does not properly validate certain data lengths, which allows remote attackers to execute arbitrary code via a .wri, .rtf, and .doc file sent by email or malicious web site, aka "Font Conversion Vulnerability," a different vulnerability than CVE-2004-0571. family windows id oval:org.mitre.oval:def:4576 status accepted submitted 2005-01-05T12:00:00.000-04:00 title MS Word 6.0 Font Conversion Vulnerability (NT Terminal Server) version 29 accepted 2005-02-23T09:25:00.000-04:00 class vulnerability contributors name Christine Walzer organization The MITRE Corporation name Robert L. Hollis organization ThreatGuard, Inc. name Clifford Farrugia organization GFI Software name Dragos Prisaca organization Gideon Technologies, Inc. name Sudhir Gandhe organization Telos name Shane Shaffer organization G2, Inc.
description Microsoft Word for Windows 6.0 Converter (MSWRD632.WPC), as used in WordPad, does not properly validate certain data lengths, which allows remote attackers to execute arbitrary code via a .wri, .rtf, and .doc file sent by email or malicious web site, aka "Font Conversion Vulnerability," a different vulnerability than CVE-2004-0571. family windows id oval:org.mitre.oval:def:4749 status deprecated submitted 2005-01-05T12:00:00.000-04:00 title Suppressed: Duplicate of OVAL3882 version 13 accepted 2014-06-30T04:11:01.564-04:00 class vulnerability contributors name Christine Walzer organization The MITRE Corporation name Robert L. Hollis organization ThreatGuard, Inc. name Josh Turpin organization Symantec Corporation name Maria Mikhno organization ALTX-SOFT
description Microsoft Word for Windows 6.0 Converter (MSWRD632.WPC), as used in WordPad, does not properly validate certain data lengths, which allows remote attackers to execute arbitrary code via a .wri, .rtf, and .doc file sent by email or malicious web site, aka "Font Conversion Vulnerability," a different vulnerability than CVE-2004-0571. family windows id oval:org.mitre.oval:def:539 status accepted submitted 2005-01-05T12:00:00.000-04:00 title MS Word 6.0 Font Conversion Vulnerability (64-bit XP) version 18
References
- http://www.ciac.org/ciac/bulletins/p-055.shtml
- http://www.idefense.com/application/poi/display?id=162&type=vulnerabilities&flashstatus=true
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-041
- https://exchange.xforce.ibmcloud.com/vulnerabilities/18338
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1241
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1655
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3310
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3882
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4076
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4576
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4749
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A539