New Search

Word Cascading Style Sheet (CSS) Vulnerability

oval:org.mitre.oval:def:5012

Use-after-free vulnerability in Microsoft Word in Office 2000 and XP SP3 2003 SP2 and SP3 and 2007 Office System SP1 and earlier allows remote attackers to execute arbitrary code via an HTML document with a large number of Cascading Style Sheets (CSS) selectors related to a "memory handling error" that triggers memory corruption.

Family:
windows
Status:
ACCEPTED
Platform(s):
  • Microsoft Windows Server 2003
  • Microsoft Windows 2000
  • Microsoft Windows Vista
  • Microsoft Windows XP
Class:
vulnerability
Reference(s):
  • CVE-2008-1434
Product(s):
  • Microsoft Office Compatibility Pack
  • Microsoft Word