Credit:
The information has been provided by iDefense Labs Security Advisories.
The original article can be found at: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=700
Vulnerable Systems:
* Microsoft Word 2003 SP2
* Microsoft Word XP SP3
* Microsoft Word 2000 SP3
* Microsoft Word Viewer
* Microsoft Outlook 2007
Immune Systems:
* Microsoft Word 2003 SP3
* Microsoft Word 2007
This vulnerability exists in the way Word handles CSS rules in an HTML document. When the number of CSS selectors exceeds a certain amount, an unspecified object is corrupted, causing Word to access a memory region that has already been freed.
Analysis:
Exploitation allows remote attackers to execute arbitrary code on the affected host in the context of the user. Exploitation requires that the user open a specially crafted HTML document using Microsoft Word. The most likely exploitation vector involves convincing a user to open an HTML document, with a DOC extension, sent to them via e-mail or linked on a website.
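The delivery vector described above (an HTML document carrying a DOC extension) can be screened for at a mail gateway or file share by comparing the file's content with its name. The Python sketch below is an added example, not part of the iDefense advisory; the function names and sample files are constructed for illustration, and the CSS rule count is triage context only, since the advisory states no threshold.

```python
import re

# Header of the OLE2 compound file format used by genuine binary .doc files
OLE2_MAGIC = bytes.fromhex("D0CF11E0A1B11AE1")
HTML_MARKER = re.compile(rb"<\s*(?:!doctype\s+html|html|head|style|body)\b", re.I)
STYLE_BLOCK = re.compile(rb"<style\b[^>]*>(.*?)</style\s*>", re.I | re.S)
WORD_EXTS = (".doc", ".dot")

def _ascii_view(data):
    """Drop NUL bytes from UTF-16 text so the ASCII patterns still match."""
    if data[:2] in (b"\xff\xfe", b"\xfe\xff"):
        return data.replace(b"\x00", b"")
    return data

def content_type(data):
    """Classify by content, ignoring the file name: 'ole2', 'html' or 'other'."""
    if data.startswith(OLE2_MAGIC):
        return "ole2"
    if HTML_MARKER.search(_ascii_view(data[:4096])):
        return "html"
    return "other"

def css_rule_count(data):
    """Rough count of CSS rule blocks inside <style> elements."""
    return sum(block.count(b"{") for block in STYLE_BLOCK.findall(_ascii_view(data)))

def triage(filename, data):
    kind = content_type(data)
    disguised = filename.lower().endswith(WORD_EXTS) and kind == "html"
    return {"file": filename, "content": kind, "disguised_html": disguised,
            "css_rules": css_rule_count(data) if kind == "html" else 0}

# Constructed sample inputs (not taken from any real document)
SAMPLES = {
    "report.doc": OLE2_MAGIC + b"\x00" * 64,
    "invoice.doc": b"<html><head><style>p{color:red} h1,h2{margin:0}</style>"
                   b"</head><body>hi</body></html>",
    "page.html": b"<!DOCTYPE html><html><body>ok</body></html>",
    "notes.doc": b"plain text saved with a .doc name",
}

if __name__ == "__main__":
    for name, blob in SAMPLES.items():
        print(triage(name, blob))
```

Files flagged with disguised_html are candidates for quarantine or for opening only on a patched host.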
Workaround:
Users of Office 2003 and Office 2007 who have installed all security patches as of May 2007 can use the Microsoft Office File Block policy to prevent opening files of this type. To deploy this workaround, save and import the following registry file for the corresponding version of Office.
Office 2003:
Windows Registry Editor Version 5.00
[HKEY_CURRENT_USER\Software\Microsoft\Office\11.0\Word\Security\FileOpenBlock]
"HTMLFiles"=dword:00000001
Office 2007:
Windows Registry Editor Version 5.00
[HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\12.0\Word\Security\FileOpenBlock]
"HTMLFiles"=dword:00000001
Vendor response:
Microsoft has officially addressed this vulnerability with Security Bulletin MS08-026. For more information, consult their bulletin at the following URL.
http://www.microsoft.com/technet/security/bulletin/ms08-026.mspx
CVE Information:
CVE-2008-1434
Disclosure timeline:
11/08/2007 - Initial vendor notification
11/08/2007 - Initial vendor response
05/13/2008 - Coordinated public disclosure