Microsoft Windows Saved Search Remote Code Execution
Gravité: : Critique
Identifiant(s) CVE: : CVE-2008-1435,MS08-038
Date du conseil: 21 juillet 2015
Description
Windows Explorer in Microsoft Windows Vista up to SP1, and Server 2008, allows user-assisted remote attackers to execute arbitrary code via crafted saved-search (.search-ms) files that are not properly handled when saving, aka "Windows Saved Search Vulnerability."
Information Exposure Rating:
Apply associated Trend Micro DPI Rules.
Solutions
Trend Micro Deep Security DPI Rule Number: 1002622
Trend Micro Deep Security DPI Rule Name: 1002622 - Microsoft Windows Saved Search Remote Code Execution
Affected software and version:
- microsoft windows-nt 2008
- microsoft windows_vista