CVE-2008-1434
7.3 High
AI Score
Confidence
Low
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.753 High
EPSS
Percentile
98.1%
Use-after-free vulnerability in Microsoft Word in Office 2000 and XP SP3, 2003 SP2 and SP3, and 2007 Office System SP1 and earlier allows remote attackers to execute arbitrary code via an HTML document with a large number of Cascading Style Sheets (CSS) selectors, related to a “memory handling error” that triggers memory corruption.
References
labs.idefense.com/intelligence/vulnerabilities/display.php?id=700
marc.info/?l=bugtraq&m=121129490723574&w=2
secunia.com/advisories/30143
www.securityfocus.com/bid/29105
www.securitytracker.com/id?1020014
www.us-cert.gov/cas/techalerts/TA08-134A.html
www.vupen.com/english/advisories/2008/1504/references
docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-026
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5012
Related
7.3 High
AI Score
Confidence
Low
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.753 High
EPSS
Percentile
98.1%