What is the severity of CVE-2004-0901?

CVE-2004-0901 is classified as a critical vulnerability due to its ability to allow remote code execution.

How do I fix CVE-2004-0901?

To mitigate CVE-2004-0901, users should install the latest security patches provided by Microsoft for the affected software.

Which software is affected by CVE-2004-0901?

CVE-2004-0901 affects Microsoft Windows NT, Windows XP, and Windows 2003 Server among others.

What types of files can exploit CVE-2004-0901?

CVE-2004-0901 can be exploited using specially crafted .wri, .rtf, and .doc files.

Can CVE-2004-0901 be exploited via email?

Yes, CVE-2004-0901 can be exploited through malicious email attachments containing vulnerable file types.

Vulnerability/
CVE-2004-0901

critical

CWE

NVD-CWE-Other

15/12/2004

8/8/2024

CVE-2004-0901

First published: Wed Dec 15 2004(Updated: )

Microsoft Word for Windows 6.0 Converter (MSWRD632.WPC), as used in WordPad, does not properly validate certain data lengths, which allows remote attackers to execute arbitrary code via a .wri, .rtf, and .doc file sent by email or malicious web site, aka "Font Conversion Vulnerability," a different vulnerability than CVE-2004-0571.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Microsoft Windows NT	=4.0-sp5
Microsoft Windows XP	=sp1
Microsoft Windows NT	=4.0-sp3
Microsoft Windows 2003 Server	=web
Microsoft Windows 2003 Server	=enterprise
Microsoft Windows NT	=4.0-sp6a
Microsoft Windows 2003 Server	=enterprise_64-bit
Microsoft Windows XP	=gold
Microsoft Windows 2000
Microsoft Windows NT	=4.0-sp6
Microsoft Windows XP
Microsoft Windows NT	=4.0
Microsoft Windows NT	=4.0-sp1
Microsoft Windows NT	=4.0-sp3
Microsoft Windows 2000	=sp4
Microsoft Windows XP	=sp2
Microsoft Windows NT	=4.0-sp6
Microsoft Windows NT	=4.0-sp4
Microsoft Windows 98SE
Microsoft Windows NT	=4.0-sp5
Microsoft Windows 2000	=sp2
Microsoft Windows NT	=4.0-sp6
Microsoft Windows NT	=4.0
Microsoft Windows NT	=4.0-sp4
Microsoft Windows NT	=4.0-sp2
Microsoft Windows 2003 Server	=r2
Microsoft Windows NT	=4.0-sp6a
Microsoft Windows NT	=4.0
Microsoft Windows NT	=4.0-sp4
Microsoft Windows NT	=4.0-sp2
Microsoft Windows NT	=4.0-sp1
Microsoft Windows 2000	=sp1
Microsoft Windows NT	=4.0-sp4
Microsoft Windows NT	=4.0-sp6
Microsoft Windows XP
Microsoft Windows NT	=4.0-sp3
Microsoft Windows NT	=4.0-sp1
Microsoft Windows Me
Microsoft Windows NT	=4.0-sp2
Microsoft Windows NT	=4.0-sp5
Microsoft Windows NT	=4.0-sp1
Microsoft Windows XP	=sp1
Microsoft Windows 2003 Server	=standard
Microsoft Windows NT	=4.0
Microsoft Windows NT	=4.0-sp6a
Microsoft Windows NT	=4.0-sp3
Microsoft Windows 98	=gold
Microsoft Windows 2003 Server	=r2
Microsoft Windows NT	=4.0-sp5
Microsoft Windows NT	=4.0-sp2
Microsoft Windows 2000	=sp3

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2004-0901?
CVE-2004-0901 is classified as a critical vulnerability due to its ability to allow remote code execution.
How do I fix CVE-2004-0901?
To mitigate CVE-2004-0901, users should install the latest security patches provided by Microsoft for the affected software.
Which software is affected by CVE-2004-0901?
CVE-2004-0901 affects Microsoft Windows NT, Windows XP, and Windows 2003 Server among others.
What types of files can exploit CVE-2004-0901?
CVE-2004-0901 can be exploited using specially crafted .wri, .rtf, and .doc files.
Can CVE-2004-0901 be exploited via email?
Yes, CVE-2004-0901 can be exploited through malicious email attachments containing vulnerable file types.

collector/nvd-historical
vendor/microsoft
product/windows nt
canonical/microsoft windows nt
product/windows xp
canonical/microsoft windows xp
product/windows 2003 server
canonical/microsoft windows 2003 server
product/windows 2000
canonical/microsoft windows 2000
product/windows 98se
canonical/microsoft windows 98se
product/windows me
canonical/microsoft windows me
product/windows 98
canonical/microsoft windows 98
collector/nvd-index
agent/references
agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/weakness
agent/author
agent/last-modified-date
agent/severity
agent/tags
agent/description
agent/first-publish-date
agent/event
agent/source
version/microsoft windows nt/4.0-sp5
version/microsoft windows xp/sp1
version/microsoft windows nt/4.0-sp3
version/microsoft windows 2003 server/web
version/microsoft windows 2003 server/enterprise
version/microsoft windows nt/4.0-sp6a
version/microsoft windows 2003 server/enterprise_64-bit
version/microsoft windows xp/gold
version/microsoft windows nt/4.0-sp6
version/microsoft windows nt/4.0
version/microsoft windows nt/4.0-sp1
version/microsoft windows 2000/sp4
version/microsoft windows xp/sp2
version/microsoft windows nt/4.0-sp4
version/microsoft windows 2000/sp2
version/microsoft windows nt/4.0-sp2
version/microsoft windows 2003 server/r2
version/microsoft windows 2000/sp1
version/microsoft windows 2003 server/standard
version/microsoft windows 98/gold
version/microsoft windows 2000/sp3

CVE-2004-0901

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2004-0901?

How do I fix CVE-2004-0901?

Which software is affected by CVE-2004-0901?

What types of files can exploit CVE-2004-0901?

Can CVE-2004-0901 be exploited via email?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2004-0901?

How do I fix CVE-2004-0901?

Which software is affected by CVE-2004-0901?

What types of files can exploit CVE-2004-0901?

Can CVE-2004-0901 be exploited via email?