MS11-033 MS11-033 - Important: Vulnerability in WordPad Text Converters Could Allow Remote Code Execution (2485663)
Important2011-04-12 Bulletin Severity Rating:Important - This security update resolves a privately reported vulnerability in Microsoft Windows. This security update is rated Important for all supported editions of Windows XP and Windows Server 2003. All supported editions of Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2 are not affected by the vulnerability. For more information, see the subsection, Affected and Non-Affected Software, in this section.
Bulletin details at Microsoft.com
Bulletin details at Microsoft.com
Related CVE Entries
WordPad in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 does not properly parse fields in Word documents, which allows remote attackers to execute arbitrary code via a crafted .doc file, aka "WordPad Converter Parsing Vulnerability."
Max CVSS
9.3
EPSS Score
95.07%
Published
2011-04-13
Updated
2019-02-26