Home

CVE-2010-2563

Description

The Word 97 text converter in the WordPad Text Converters in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 does not properly parse malformed structures in Word 97 documents, which allows remote attackers to execute arbitrary code via a crafted document containing an unspecified value that is used in a loop counter, aka WordPad Word 97 Text Converter Memory Corruption Vulnerability.

Risk Information

Base Score
6.2
MODERATE
Vector
AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS Score
Exploitation Probability
29.001

Associated Vulnerability

VulnerabilityOS Platform
Security Update for Windows XP (KB2259922)Windows
Security Update for Windows Server 2003 (KB2259922)Windows
Security Update for Windows XP x64 Edition (KB2259922)Windows
Security Update for Windows Server 2003 x64 Edition (KB2259922)Windows

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234