CVE-2004-0901

Name of the Vulnerable Software and Affected Versions: Microsoft Word for Windows 6.0 Converter (MSWRD632.WPC)

Description: The issue arises from improper validation of certain data lengths, allowing remote attackers to execute arbitrary code. This can be achieved by sending a malicious .wri, .rtf, or .doc file via email or hosting it on a malicious website.

Recommendations: For Microsoft Word for Windows 6.0 Converter (MSWRD632.WPC), consider disabling the handling of .wri, .rtf, and .doc files until a patch is available. Restrict access to email attachments and websites that may host malicious files to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.