iDefense Security Advisory 05.13.08 – Remote exploitation of a memory corruption vulnerability in Microsoft Corp.’s Word could allow attackers to execute arbitrary code with the privileges of the logged in user. This vulnerability exists in the way Word handles CSS rules in an HTML document. When the number of CSS selectors is above some specific amount, an unspecified object will be corrupted causing Word to access a memory region that has already been freed. iDefense has confirmed fully patched Microsoft Word 2003 SP2, Microsoft Word XP SP3, Microsoft Word 2000 SP3 are vulnerable. Microsoft Word 2003 SP3 and Microsoft Word 2007 do not appear to be affected. Microsoft reports that all supported versions of Word, Word Viewer, and Outlook 2007 are vulnerable.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/66310/05.13.08-1.txt
Source: https://packetstormsecurity.com/files/66310/iDEFENSE-Security-Advisory-2008-05-13.1.html