Microsoft Word multiple security vulnerabilities - security vulnerabilities database

[EN] securityvulns.ru
no-pyccku

Microsoft Word multiple security vulnerabilities
Published: 14.05.2008
Source: MICROSOFT
SecurityVulns ID: 8989
Type: remote
Level: 7/10
Description: Memory coruption on RTF parsing, memory corruption on CSS parsing.

Affected: MICROSOFT : Office 2000
MICROSOFT : Office 2003
MICROSOFT : Office 2004 for Mac
MICROSOFT : Office 2007
MICROSOFT : Word Viewer 2003
MICROSOFT : Office 2008 for Mac
CVE: CVE-2008-1434 (Use-after-free vulnerability in Microsoft Word in Office 2000 and XP SP3, 2003 SP2 and SP3, and 2007 Office System SP1 and earlier allows remote attackers to execute arbitrary code via an HTML document with a large number of Cascading Style Sheets (CSS) selectors, related to a "memory handling error" that triggers memory corruption.)
CVE-2008-1091

Original document IDEFENSE, iDefense Security Advisory 05.13.08: Microsoft Word CSS Processing Memory Corruption Vulnerability (14.05.2008)

ZDI, ZDI-08-023: Microsoft Office RTF Parsing Engine Memory Corruption Vulnerability (14.05.2008)

MICROSOFT, ZDI-08-023: Microsoft Office RTF Parsing Engine Memory Corruption Vulnerability (14.05.2008)

document MICROSOFT, Microsoft Security Bulletin MS08-026 – Critical Vulnerabilities in Microsoft Word Could Allow Remote Code Execution (951207) (14.05.2008)

Files: Microsoft Security Bulletin MS08-026 – Critical Vulnerabilities in Microsoft Word Could Allow Remote Code Execution (951207)
Discuss: Read or add your comments to this news (0 comments)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

test server