CVE-2011-0028

Description

WordPad in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 does not properly parse fields in Word documents, which allows remote attackers to execute arbitrary code via a crafted .doc file, aka WordPad Converter Parsing Vulnerability.

Risk Information

Base Score

6.2

MODERATE

Vector

AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

EPSS Score

Exploitation Probability

54.895

Associated Vulnerability

Vulnerability	OS Platform
Security Update for Windows XP (KB2485663)	Windows
Security Update for Windows Server 2003 (KB2485663)	Windows
Security Update for Windows XP x64 Edition (KB2485663)	Windows
Security Update for Windows Server 2003 x64 Edition (KB2485663)	Windows

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234