SynopsisArbitrary code can be executed on the remote host through WordPad.
DescriptionThe remote host contains a version of Microsoft WordPad that is vulnerable to two security flaws.
To exploit these flaws an attacker would need to send a malformed Word file to a victim on the remote host and wait for him to open the file using WordPad.
Opening the file with WordPad will trigger a buffer overflow that could allow an attacker to execute arbitrary code on the remote host with the privileges of the user.
SolutionMicrosoft has released a set of patches for Windows NT, 2000, XP and 2003.