New Search

Word Cascading Style Sheet (CSS) Vulnerability

oval:org.mitre.oval:def:5012

Use-after-free vulnerability in Microsoft Word in Office 2000 and XP SP3 2003 SP2 and SP3 and 2007 Office System SP1 and earlier allows remote attackers to execute arbitrary code via an HTML document with a large number of Cascading Style Sheets (CSS) selectors related to a "memory handling error" that triggers memory corruption.

Family:
windows
Status:
ACCEPTED
Platform(s):
  • Microsoft Windows XP
  • Microsoft Windows Vista
  • Microsoft Windows 2000
  • Microsoft Windows Server 2003
Class:
vulnerability
Reference(s):
  • CVE-2008-1434
Product(s):
  • Microsoft Word
  • Microsoft Office Compatibility Pack