PT-2008-6039 · Microsoft · Word 97+2

Securfrog

Published

2008-12-10

Updated

2019-02-26

CVE-2008-4841

CVSS v2.0

9.3

High

Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Microsoft Windows versions prior to the patchday that contains the fix for this issue

Description A remote code execution issue exists in the way that Microsoft WordPad processes memory when parsing a specially crafted Word 97 document. This could allow remote code execution if a user opens a specially crafted Word file that includes a malformed list structure. The issue has been exploited in the wild.

Recommendations As a temporary workaround, consider disabling the WordPad Text Converter for Word 97 files until a patch is available. Restrict access to Word 97 files to minimize the risk of exploitation. Avoid using WordPad to open untrusted Word 97 documents until the issue is resolved.

Exploit

Fix

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-399

Related Identifiers

CVE-2008-4841

Affected Products

Windows

Wordpad

Word 97

PT-2008-6039 · Microsoft · Word 97+2

CVE-2008-4841

Weakness Enumeration

Related Identifiers

Affected Products

References · 16