ID CVE-2008-4269
Summary The search-ms protocol handler in Windows Explorer in Microsoft Windows Vista Gold and SP1 and Server 2008 uses untrusted parameter data obtained from incorrect parsing, which allows remote attackers to execute arbitrary code via a crafted HTML document, aka "Windows Search Parsing Vulnerability."
References
Vulnerable Configurations
  • Microsoft Windows Server 2008
    cpe:2.3:o:microsoft:windows_server_2008
  • cpe:2.3:o:microsoft:windows_server_2008:-:itanium
    cpe:2.3:o:microsoft:windows_server_2008:-:itanium
  • cpe:2.3:o:microsoft:windows_server_2008:-:x32
    cpe:2.3:o:microsoft:windows_server_2008:-:x32
  • cpe:2.3:o:microsoft:windows_server_2008:-:x64
    cpe:2.3:o:microsoft:windows_server_2008:-:x64
  • cpe:2.3:o:microsoft:windows_vista:-:x64
    cpe:2.3:o:microsoft:windows_vista:-:x64
  • Microsoft Windows Vista gold
    cpe:2.3:o:microsoft:windows_vista:-:gold
  • Microsoft Windows Vista Service Pack 1 (initial release)
    cpe:2.3:o:microsoft:windows_vista:-:sp1
  • Microsoft Windows Vista Service Pack 1 x64 (64-bit)
    cpe:2.3:o:microsoft:windows_vista:-:sp1:x64
CVSS
Base: 8.5 (as of 11-12-2008 - 10:06)
Impact:
Exploitability:
CWE CWE-399
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM SINGLE_INSTANCE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
msbulletin via4
bulletin_id MS08-075
bulletin_url
date 2008-12-09T00:00:00
impact Remote Code Execution
knowledgebase_id 959349
knowledgebase_url
severity Critical
title Vulnerabilities in Windows Search Could Allow Remote Code Execution
nessus via4
NASL family Windows : Microsoft Bulletins
NASL id SMB_NT_MS08-075.NASL
description The remote version of Windows contains a version of the Windows Shell that contains a vulnerability in the way it handles saved seaches. An attacker might use this flaw to trick an administrator to execute a saved search and therefore execute arbitrary commands on his behalf.
last seen 2019-02-21
modified 2018-11-15
plugin id 35074
published 2008-12-10
reporter Tenable
source https://www.tenable.com/plugins/index.php?view=single&id=35074
title MS08-075: Vulnerabilities in Windows Search Could Allow Remote Code Execution (959349)
oval via4
accepted 2011-11-21T04:13:14.867-05:00
class vulnerability
contributors
  • name Jeff Ito
    organization Secure Elements, Inc.
  • name Prashanth A.
    organization SecPod Technologies
definition_extensions
  • comment Microsoft Windows Vista (32-bit) is installed
    oval oval:org.mitre.oval:def:1282
  • comment Microsoft Windows Vista x64 Edition is installed
    oval oval:org.mitre.oval:def:2041
  • comment Microsoft Windows Server 2008 (32-bit) is installed
    oval oval:org.mitre.oval:def:4870
  • comment Microsoft Windows Server 2008 (64-bit) is installed
    oval oval:org.mitre.oval:def:5356
  • comment Microsoft Windows Vista (32-bit) Service Pack 1 is installed
    oval oval:org.mitre.oval:def:4873
  • comment Microsoft Windows Vista x64 Edition Service Pack 1 is installed
    oval oval:org.mitre.oval:def:5254
  • comment Microsoft Windows Server 2008 (ia-64) is installed
    oval oval:org.mitre.oval:def:5667
description The search-ms protocol handler in Windows Explorer in Microsoft Windows Vista Gold and SP1 and Server 2008 uses untrusted parameter data obtained from incorrect parsing, which allows remote attackers to execute arbitrary code via a crafted HTML document, aka "Windows Search Parsing Vulnerability."
family windows
id oval:org.mitre.oval:def:6110
status accepted
submitted 2008-12-09T13:52:00-05:00
title Windows Search Parsing Vulnerability
version 35
refmap via4
cert TA08-344A
ms MS08-075
sectrack 1021366
secunia 33053
vupen ADV-2008-3387
saint via4
bid 32652
description Windows search-ms protocol handler command execution vulnerability
id win_patch_explorer1
osvdb 50566
title windows_search_ms_cmd
type client
Last major update 07-03-2011 - 22:12
Published 10-12-2008 - 09:00
Last modified 12-10-2018 - 17:48
Back to Top