VULHUB ™

The riched20.dll is vulnerable to a buffer overflow that results in the application calling the library to fail. By creating a Rich Text Format (RTF) file with more than 65536 bytes of data in an attribute, the buffer will be overrun. Execution of arbitrary code may be possible. RTF files may be opened automatically by Internet Explorer and Outlook. ** Some reports indicate that this vulnerability could not be reproduced on riched20.dll v.3.0 (5.30.23.1200) running on Windows NT or riched20.dll v.3.0 (5.30.23.1211) running on Windows XP.

The riched20.dll is vulnerable to a buffer overflow that results in the application calling the library to fail. By creating a Rich Text Format (RTF) file with more than 65536 bytes of data in an attribute, the buffer will be overrun. Execution of arbitrary code may be possible. RTF files may be opened automatically by Internet Explorer and Outlook. ** Some reports indicate that this vulnerability could not be reproduced on riched20.dll v.3.0 (5.30.23.1200) running on Windows NT or riched20.dll v.3.0 (5.30.23.1211) running on Windows XP.