Secunia Logo  
 Vulnerability InformationVulnerability ScanningCommunityBlogCorporate InformationOnline ShopCustomer Login  
 Secunia AdvisoriesSecunia ResearchBinary Analysis  
Home > Vulnerability Information > Secunia Advisories > CVE-2008-4841
Secunia Advisories
Advisories
Search
Advisories by Product
Advisories by Vendor
Historic Advisories
Mailing Lists
Report Vulnerability
Contact Form
Business Solutions Restricted
Partner Solutions Restricted
About


Secunia PSI WorldMap 		 
CVE Reference: CVE-2008-4841
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE:
CVE-2008-4841

Description:
The WordPad Text Converter for Word 97 files in Microsoft Windows 2000 SP4, XP SP2, and Server 2003 SP1 and SP2 allows remote attackers to execute arbitrary code via a crafted (1) .doc, (2) .wri, or (3) .rtf Word 97 file that triggers memory corruption, as exploited in the wild in December 2008. NOTE: As of 20081210, it is unclear whether this vulnerability is related to a WordPad issue disclosed on 20080925 with a 2008-crash.doc.rar example, but there are insufficient details to be sure.

CVE Status:
Candidate

References:

ST
  1021376

SREASON
  http://securityreason.com/securityalert/4711

SAID
  Secunia Advisory: SA32997

MS
  http://www.microsoft.com/technet/security/bulletin/ms09-010.mspx

MISC
  http://milw0rm.com/sploits/2008-crash.doc.rar

MILW0RM
  http://www.milw0rm.com/exploits/6560

CONFIRM
  http://www.microsoft.com/technet/security/advisory/960906.mspx

CERT
  http://www.us-cert.gov/cas/techalerts/TA09-104A.html

BID
  31399
  32718


Return to the previous page.


Contact | Terms & Conditions and Copyright | Report Vulnerability | Press | Jobs (open positions) | About Secunia
Copyright Secunia 2002-2009