CVE-2004-0848

Name of the Vulnerable Software and Affected Versions Microsoft Office XP

Description A buffer overflow issue in Microsoft Office XP allows remote attackers to execute arbitrary code. This can be achieved via a link with a URL file location containing long inputs, specifically after encountering a "%00 (null byte) in .doc filenames or a "%0a" (carriage return) in .rtf filenames.

Recommendations For Microsoft Office XP, update to a version that includes the fix for this issue to prevent exploitation. As a temporary workaround, consider avoiding the use of .doc and .rtf files with "%00" or "%0a" in their filenames until a patch is available. Restrict access to potentially vulnerable files to minimize the risk of exploitation.