Microsoft Wordpad '.doc' File NULL Pointer Dereference Denial Of Service Vulnerability
BID:53751
Info
Microsoft Wordpad '.doc' File NULL Pointer Dereference Denial Of Service Vulnerability
| Bugtraq ID: | 53751 |
| Class: | Failure to Handle Exceptional Conditions |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | May 30 2012 12:00AM |
| Updated: | May 30 2012 12:00AM |
| Credit: | condis |
| Vulnerable: |
Microsoft WordPad 5.1 |
| Not Vulnerable: | |
Discussion
Microsoft Wordpad '.doc' File NULL Pointer Dereference Denial Of Service Vulnerability
Microsoft Wordpad is prone to a remote denial-of-service vulnerability caused by a NULL-pointer dereference.
An attacker can exploit this issue to cause the application to crash, denying service to legitimate users. Due to the nature of the issue, code execution may be possible, however, it has not been confirmed.
Microsoft Wordpad 5.1 is vulnerable; other versions may also be affected.
Microsoft Wordpad is prone to a remote denial-of-service vulnerability caused by a NULL-pointer dereference.
An attacker can exploit this issue to cause the application to crash, denying service to legitimate users. Due to the nature of the issue, code execution may be possible, however, it has not been confirmed.
Microsoft Wordpad 5.1 is vulnerable; other versions may also be affected.
Exploit / POC
Microsoft Wordpad '.doc' File NULL Pointer Dereference Denial Of Service Vulnerability
The following exploit file is available:
(Note: Symantec has not verified the contents of the following available exploit; always use caution when handling exploits.)
The following exploit file is available:
(Note: Symantec has not verified the contents of the following available exploit; always use caution when handling exploits.)
Solution / Fix
Microsoft Wordpad '.doc' File NULL Pointer Dereference Denial Of Service Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
References
Microsoft Wordpad '.doc' File NULL Pointer Dereference Denial Of Service Vulnerability
References:
References:
- Microsoft Homepage (Microsoft)