CVE Database · CVE-2008-1434
CVSS v3.1
N/A
EPSS
30.87%
Published
May 13, 2008
Modified
Apr 22, 2026
Public PoC / Exploit (1)
All weaponized →Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.
Description
Use-after-free vulnerability in Microsoft Word in Office 2000 and XP SP3, 2003 SP2 and SP3, and 2007 Office System SP1 and earlier allows remote attackers to execute arbitrary code via an HTML document with a large number of Cascading Style Sheets (CSS) selectors, related to a "memory handling error" that triggers memory corruption.
Weaknesses (CWE)
Affected Products (12)
References (18)
