Microsoft Windows Saved Search Remote Code Execution
Gravedad: Crítico
Identificadores de CVE : CVE-2008-1435,MS08-038
Fecha recomendada: 21 de julio de 2015
Descripción
Windows Explorer in Microsoft Windows Vista up to SP1, and Server 2008, allows user-assisted remote attackers to execute arbitrary code via crafted saved-search (.search-ms) files that are not properly handled when saving, aka "Windows Saved Search Vulnerability."
Revelación de la información
Apply associated Trend Micro DPI Rules.
Soluciones
Trend Micro Deep Security DPI Rule Number: 1002622
Trend Micro Deep Security DPI Rule Name: 1002622 - Microsoft Windows Saved Search Remote Code Execution
Software y versión afectados
- microsoft windows-nt 2008
- microsoft windows_vista