CVE-2008-1434
iDEFENSE Security Advisory 2008-05-13.1
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
Use-after-free vulnerability in Microsoft Word in Office 2000 and XP SP3, 2003 SP2 and SP3, and 2007 Office System SP1 and earlier allows remote attackers to execute arbitrary code via an HTML document with a large number of Cascading Style Sheets (CSS) selectors, related to a "memory handling error" that triggers memory corruption.
Una vulnerabilidad de uso de la memoria previamente liberada en Microsoft Word en Office 2000 y XP SP3, 2003 SP2 y SP3, y 2007 Office System SP1 y anteriores, permite a atacantes remotos ejecutar código arbitrario por medio de un documento HTML con un gran número de Cascading Style Sheets (CSS), relacionado con un "memory handling error" que desencadena una corrupción de memoria.
Remote exploitation of a memory corruption vulnerability in Microsoft Corp.'s Word could allow attackers to execute arbitrary code with the privileges of the logged in user. This vulnerability exists in the way Word handles CSS rules in an HTML document. When the number of CSS selectors is above some specific amount, an unspecified object will be corrupted causing Word to access a memory region that has already been freed. iDefense has confirmed fully patched Microsoft Word 2003 SP2, Microsoft Word XP SP3, Microsoft Word 2000 SP3 are vulnerable. Microsoft Word 2003 SP3 and Microsoft Word 2007 do not appear to be affected. Microsoft reports that all supported versions of Word, Word Viewer, and Outlook 2007 are vulnerable.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2008-03-21 CVE Reserved
- 2008-05-13 CVE Published
- 2024-08-07 CVE Updated
- 2025-08-20 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-399: Resource Management Errors
CAPEC
References (9)
| URL | Tag | Source |
|---|---|---|
| http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=700 | Third Party Advisory | |
| http://www.securitytracker.com/id?1020014 | Vdb Entry | |
| http://www.us-cert.gov/cas/techalerts/TA08-134A.html | Third Party Advisory | |
| https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5012 | Signature |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://www.securityfocus.com/bid/29105 | 2018-10-12 |
| URL | Date | SRC |
|---|---|---|
| http://marc.info/?l=bugtraq&m=121129490723574&w=2 | 2018-10-12 | |
| http://secunia.com/advisories/30143 | 2018-10-12 | |
| http://www.vupen.com/english/advisories/2008/1504/references | 2018-10-12 | |
| https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-026 | 2018-10-12 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Microsoft Search vendor "Microsoft" | Office Search vendor "Microsoft" for product "Office" | 2000 Search vendor "Microsoft" for product "Office" and version "2000" | sp3 |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Office Search vendor "Microsoft" for product "Office" | 2003 Search vendor "Microsoft" for product "Office" and version "2003" | sp2 |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Office Search vendor "Microsoft" for product "Office" | 2003 Search vendor "Microsoft" for product "Office" and version "2003" | sp3 |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Office Search vendor "Microsoft" for product "Office" | 2004 Search vendor "Microsoft" for product "Office" and version "2004" | mac |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Office Search vendor "Microsoft" for product "Office" | 2007 Search vendor "Microsoft" for product "Office" and version "2007" | - |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Office Search vendor "Microsoft" for product "Office" | 2007_sp1 Search vendor "Microsoft" for product "Office" and version "2007_sp1" | - |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Office Search vendor "Microsoft" for product "Office" | 2008 Search vendor "Microsoft" for product "Office" and version "2008" | mac |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Office Search vendor "Microsoft" for product "Office" | xp Search vendor "Microsoft" for product "Office" and version "xp" | sp3 |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Office Compatibility Pack For Word Excel Ppt 2007 Search vendor "Microsoft" for product "Office Compatibility Pack For Word Excel Ppt 2007" | * | - |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Office Compatibility Pack For Word Excel Ppt 2007 Search vendor "Microsoft" for product "Office Compatibility Pack For Word Excel Ppt 2007" | * | sp1 |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Word Viewer Search vendor "Microsoft" for product "Word Viewer" | 2003 Search vendor "Microsoft" for product "Word Viewer" and version "2003" | - |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Word Viewer Search vendor "Microsoft" for product "Word Viewer" | 2003 Search vendor "Microsoft" for product "Word Viewer" and version "2003" | sp3 |
Affected
| ||||||