Windows Search Parsing Vulnerability
Gravità: : Alto
Identificatori CVE: CVE-2008-4269,MS08-075
Data notifica: 15 febbraio 2011
Descrizione
The search-ms protocol handler in Windows Explorer in Microsoft
Windows Vista Gold and SP1 and Server 2008 uses untrusted parameter data
obtained from incorrect parsing, which allows remote attackers to execute
arbitrary code via a crafted HTML document, aka "Windows Search Parsing
Vulnerability."
Based on MS08-075, Windows Search
Parsing Vulnerability - CVE-2008-4269 is a remote code execution vulnerability
exists in Windows Explorer that allows an attacker to construct a malicious web
page that includes a call to the search-ms protocol handler. The protocol
handler in turn passes untrusted data to Windows Explorer.
Informazioni esposizione:
Trend Micro Deep Security shields networks through Deep Packet Inspection (DPI) rules. Trend Micro customers using OfficeScan with Intrusion Defense Firewall (IDF) plugin are also protected from attacks using these vulnerabilities. Please refer to the filter number and filter name when applying appropriate DPI and/or IDF rules.
Soluzioni
Trend Micro Deep Security DPI Rule Number: 1003115
Trend Micro Deep Security DPI Rule Name: 1003115 - Windows Search Parsing Vulnerability
Software e versione interessati:
- microsoft windows_server_2008
- microsoft windows_vista