Affected Software: Microsoft Wordpad on Windows XP SP3
Description of Vulnerability: Microsoft Wordpad (on Windows XP SP3) contains a vulnerability that can allow an attacker to cause a denial of service. The vulnerability is due to a memory exhaustion error when a user tries to view a malicious .RTF file. An attacker can exploit the vulnerability by creating a malicious RTF file that will allocate large amounts of memory and cause a denial of service condition. Vulnerable version: Windows XP SP3 Platform: Windows XP SP3 Solution: There is not a patch. Do not open untrusted files. Credits: Discovered by murderkey, Hellcode Research. Exploit: http://www.hellcode.net/wordpad.txt
