CVE-2008-1434

Currently unrated

Key Information:

Vendor: Microsoft
Status: Office; Office Compatibility Pack For Word Excel Ppt 2007; Word Viewer
Vendor: CVE Published:; 13 May 2008

Summary

Use-after-free vulnerability in Microsoft Word in Office 2000 and XP SP3, 2003 SP2 and SP3, and 2007 Office System SP1 and earlier allows remote attackers to execute arbitrary code via an HTML document with a large number of Cascading Style Sheets (CSS) selectors, related to a "memory handling error" that triggers memory corruption.

References

http://www.securitytracker.com/id?1020014

vdb-entryx_refsource_SECTRACK

https://docs.microsoft.com/en-us/security-updates/securit...

vendor-advisoryx_refsource_MS

http://www.vupen.com/english/advisories/2008/1504/references

vdb-entryx_refsource_VUPEN

EPSS Score

90% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
May 13, 2008
Vulnerability Reserved
Mar 21, 2008

Collectors

NVD DatabaseMitre Database