Wordpad
by Microsoft
CVEs (6)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2018-8307 | Med | 0.35 | 5.3 | 0.03 | Jul 11, 2018 | A security feature bypass vulnerability exists when Microsoft WordPad improperly handles embedded OLE objects, aka "WordPad Security Feature Bypass Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows… | ||
| CVE-2023-36563 | 0.12 | — | 0.21 | KEV | Oct 10, 2023 | Microsoft WordPad Information Disclosure Vulnerability | ||
| CVE-2008-4841 | 0.06 | — | 0.43 | Dec 10, 2008 | The WordPad Text Converter for Word 97 files in Microsoft Windows 2000 SP4, XP SP2, and Server 2003 SP1 and SP2 allows remote attackers to execute arbitrary code via a crafted (1) .doc, (2) .wri, or (3) .rtf Word 97 file that triggers memory corruption, as exploited in the wild… | |||
| CVE-2009-0235 | 0.03 | — | 0.34 | Apr 15, 2009 | Stack-based buffer overflow in the Word 97 text converter in WordPad in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2 allows remote attackers to execute arbitrary code via a crafted Word 97 file that triggers memory corruption, related to use of… | |||
| CVE-2009-2506 | 0.02 | — | 0.31 | Dec 9, 2009 | Integer overflow in the text converters in Microsoft Office Word 2002 SP3 and 2003 SP3; Works 8.5; Office Converter Pack; and WordPad in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote attackers to execute arbitrary code via a DOC file with an invalid number… | |||
| CVE-2009-0087 | 0.02 | — | 0.26 | Apr 15, 2009 | Unspecified vulnerability in the Word 6 text converter in WordPad in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and the Word 6 text converter in Microsoft Office Word 2000 SP3 and 2002 SP3; allows remote attackers to execute arbitrary code via a… |
- risk 0.35cvss 5.3epss 0.03
A security feature bypass vulnerability exists when Microsoft WordPad improperly handles embedded OLE objects, aka "WordPad Security Feature Bypass Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows…
- risk 0.12cvss —epss 0.21
Microsoft WordPad Information Disclosure Vulnerability
- CVE-2008-4841Dec 10, 2008risk 0.06cvss —epss 0.43
The WordPad Text Converter for Word 97 files in Microsoft Windows 2000 SP4, XP SP2, and Server 2003 SP1 and SP2 allows remote attackers to execute arbitrary code via a crafted (1) .doc, (2) .wri, or (3) .rtf Word 97 file that triggers memory corruption, as exploited in the wild…
- CVE-2009-0235Apr 15, 2009risk 0.03cvss —epss 0.34
Stack-based buffer overflow in the Word 97 text converter in WordPad in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2 allows remote attackers to execute arbitrary code via a crafted Word 97 file that triggers memory corruption, related to use of…
- CVE-2009-2506Dec 9, 2009risk 0.02cvss —epss 0.31
Integer overflow in the text converters in Microsoft Office Word 2002 SP3 and 2003 SP3; Works 8.5; Office Converter Pack; and WordPad in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote attackers to execute arbitrary code via a DOC file with an invalid number…
- CVE-2009-0087Apr 15, 2009risk 0.02cvss —epss 0.26
Unspecified vulnerability in the Word 6 text converter in WordPad in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and the Word 6 text converter in Microsoft Office Word 2000 SP3 and 2002 SP3; allows remote attackers to execute arbitrary code via a…