Computer Security
[EN] securityvulns.ru no-pyccku


Microsoft Word multiple security vulnerabilities
Published:14.05.2008
Source:
SecurityVulns ID:8989
Type:remote
Threat Level:
7/10
Description:Memory coruption on RTF parsing, memory corruption on CSS parsing.
Affected:MICROSOFT : Office 2000
 MICROSOFT : Office 2003
 MICROSOFT : Office 2004 for Mac
 MICROSOFT : Office 2007
 MICROSOFT : Word Viewer 2003
 MICROSOFT : Office 2008 for Mac
CVE:CVE-2008-1434 (Use-after-free vulnerability in Microsoft Word in Office 2000 and XP SP3, 2003 SP2 and SP3, and 2007 Office System SP1 and earlier allows remote attackers to execute arbitrary code via an HTML document with a large number of Cascading Style Sheets (CSS) selectors, related to a "memory handling error" that triggers memory corruption.)
 CVE-2008-1091
Original documentdocumentIDEFENSE, iDefense Security Advisory 05.13.08: Microsoft Word CSS Processing Memory Corruption Vulnerability (14.05.2008)
 documentZDI, ZDI-08-023: Microsoft Office RTF Parsing Engine Memory Corruption Vulnerability (14.05.2008)
 documentMICROSOFT, ZDI-08-023: Microsoft Office RTF Parsing Engine Memory Corruption Vulnerability (14.05.2008)
 documentMICROSOFT, Microsoft Security Bulletin MS08-026 – Critical Vulnerabilities in Microsoft Word Could Allow Remote Code Execution (951207) (14.05.2008)
Files:Microsoft Security Bulletin MS08-026 – Critical Vulnerabilities in Microsoft Word Could Allow Remote Code Execution (951207)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod