Vulnonym.org

CVE-2008-1434 - Reorganized Puffer Fish

Description

Use-after-free vulnerability in Microsoft Word in Office 2000 and XP SP3 2003 SP2 and SP3 and 2007 Office System SP1 and earlier allows remote attackers to execute arbitrary code via an HTML document with a large number of Cascading Style Sheets (CSS) selectors related to a \memory handling error\ that triggers memory corruption.

Reference

http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=700 http://www.us-cert.gov/cas/techalerts/TA08-134A.html http://www.securityfocus.com/bid/29105 http://www.securitytracker.com/id?1020014 http://secunia.com/advisories/30143 http://marc.info/?l=bugtraq&m=121129490723574&w=2 http://www.vupen.com/english/advisories/2008/1504/references https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5012 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-026