Release DateMar 08, 2011 |
Severityhigh |
ImpactSystem Compromise: Remote attackers can gain control of vulnerable systems. |
DescriptionThis indicates that a non-ActiveX COM object, such as OutlookExpress.AddressBook COM control, InstallEngine COM control, or Sysmon.3 COM contro, is embedded into the OLE section of a WordPad RTF document. It can result in arbitrary code execution or a crash. |
Affected ProductsMicrosoft WordPad |
Recommended ActionsCurrently we are not aware of any patches supplied by the vendor for this issue. |
Coverage IPS
VCM |
Reference/shttps://strikecenter.bpointsys.com/bps/advisory/BPS-2006-0001 |
