CVE-2008-1434

Use-after-free vulnerability in Microsoft Word in Office 2000 and XP SP3, 2003 SP2 and SP3, and 2007 Office System SP1 and earlier allows remote attackers to execute arbitrary code via an HTML document with a large number of Cascading Style Sheets (CSS) selectors, related to a "memory handling error" that triggers memory corruption.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:microsoft:office:2000:sp3:*:*:*:*:*:*
cpe:2.3:a:microsoft:office:2003:sp2:*:*:*:*:*:*
cpe:2.3:a:microsoft:office:2003:sp3:*:*:*:*:*:*
cpe:2.3:a:microsoft:office:2004:*:mac:*:*:*:*:*
cpe:2.3:a:microsoft:office:2007:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:office:2007_sp1:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:office:2008:*:mac:*:*:*:*:*
cpe:2.3:a:microsoft:office:xp:sp3:*:*:*:*:*:*
cpe:2.3:a:microsoft:office_compatibility_pack_for_word_excel_ppt_2007:*:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:office_compatibility_pack_for_word_excel_ppt_2007:*:*:sp1:*:*:*:*:*
cpe:2.3:a:microsoft:word_viewer:2003:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:word_viewer:2003:*:sp3:*:*:*:*:*

History

No history.

Information

Published : 2008-05-13 22:20

Updated : 2024-02-04 17:33


NVD link : CVE-2008-1434

Mitre link : CVE-2008-1434

CVE.ORG link : CVE-2008-1434


JSON object : View

Products Affected

microsoft

  • office_compatibility_pack_for_word_excel_ppt_2007
  • word_viewer
  • office
CWE
CWE-399

Resource Management Errors