CVE Database · CVE-2004-0901
CVSS v3.1
N/A
EPSS
31.92%
Published
Jan 10, 2005
Modified
Apr 15, 2026
Public PoC / Exploit (1)
All weaponized →Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.
Description
Microsoft Word for Windows 6.0 Converter (MSWRD632.WPC), as used in WordPad, does not properly validate certain data lengths, which allows remote attackers to execute arbitrary code via a .wri, .rtf, and .doc file sent by email or malicious web site, aka "Font Conversion Vulnerability," a different vulnerability than CVE-2004-0571.
Affected Products (51)
References (20)
...and 1 more
