Microsoft Word for Windows 6.0 Converter (MSWRD632.WPC), as used in WordPad, does not properly validate certain data lengths, which allows remote attackers to execute arbitrary code via a .wri, .rtf, and .doc file sent by email or malicious web site, aka Font Conversion Vulnerability, a different vulnerability than CVE-2004-0571.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Windows_2000 | Microsoft | * | * |
Windows_2003_server | Microsoft | enterprise (including) | enterprise (including) |
Windows_2003_server | Microsoft | enterprise_64-bit (including) | enterprise_64-bit (including) |
Windows_2003_server | Microsoft | r2 (including) | r2 (including) |
Windows_2003_server | Microsoft | standard (including) | standard (including) |
Windows_2003_server | Microsoft | web (including) | web (including) |
Windows_98 | Microsoft | * | * |
Windows_98se | Microsoft | * | * |
Windows_me | Microsoft | * | * |
Windows_nt | Microsoft | 4.0 (including) | 4.0 (including) |
Windows_nt | Microsoft | 4.0-sp1 (including) | 4.0-sp1 (including) |
Windows_nt | Microsoft | 4.0-sp2 (including) | 4.0-sp2 (including) |
Windows_nt | Microsoft | 4.0-sp3 (including) | 4.0-sp3 (including) |
Windows_nt | Microsoft | 4.0-sp4 (including) | 4.0-sp4 (including) |
Windows_nt | Microsoft | 4.0-sp5 (including) | 4.0-sp5 (including) |
Windows_nt | Microsoft | 4.0-sp6 (including) | 4.0-sp6 (including) |
Windows_nt | Microsoft | 4.0-sp6a (including) | 4.0-sp6a (including) |
Windows_xp | Microsoft | * | * |