Intrusion Prevention

MS.Windows.WordPad.Converter.Code.Execution

Description

This indicates an attack attempt against a memory corruption vulnerability in Microsoft WordPad Text Converter.
The vulnerability is caused by an error when the WordPad Text Converter handles a specially crafted document with Word 97 file format. It allows a remote attacker to execute arbitrary code.

Affected Products

Microsoft Windows 2000 Service Pack 4
Windows XP Service Pack 2
Windows XP Professional x64 Edition and Windows XP Professional x64 Edition Service Pack 2
Windows Server 2003 Service Pack 1 and Windows Server 2003 Service Pack 2
Windows Server 2003 with SP1 for Itanium-based Systems and Windows Server 2003 with SP2 for Itanium-based Systems
Windows Server 2003 x64 Edition and Windows Server 2003 x64 Edition Service Pack 2

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.
Denial of Service: Remote attackers can crash vulnerable systems.

Recommended Actions

Currently, we are not aware of any vendor supplied patch for this issue.

CVE References

CVE-2008-4841