CVE-2008-1434 Information

Description

Use-after-free vulnerability in Microsoft Word in Office 2000 and XP SP3 2003 SP2 and SP3 and 2007 Office System SP1 and earlier allows remote attackers to execute arbitrary code via an HTML document with a large number of Cascading Style Sheets (CSS) selectors related to a \memory handling error\ that triggers memory corruption.

Reference

http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=700 http://marc.info/?l=bugtraq&m=121129490723574&w=2 http://secunia.com/advisories/30143 http://www.securityfocus.com/bid/29105 http://www.securitytracker.com/id?1020014 http://www.us-cert.gov/cas/techalerts/TA08-134A.html http://www.vupen.com/english/advisories/2008/1504/references https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-026 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A5012