Microsoft Windows Saved Search Remote Code Execution
Severity: : Critical
CVE Kennungen: : CVE-2008-1435,MS08-038
Advisory Date: 21 de июля de 2015
DESCRIPTION
Windows Explorer in Microsoft Windows Vista up to SP1, and Server 2008, allows user-assisted remote attackers to execute arbitrary code via crafted saved-search (.search-ms) files that are not properly handled when saving, aka "Windows Saved Search Vulnerability."
INFORMATION EXPOSURE
Apply associated Trend Micro DPI Rules.
SOLUTION
Trend Micro Deep Security DPI Rule Number: 1002622
Trend Micro Deep Security DPI Rule Name: 1002622 - Microsoft Windows Saved Search Remote Code Execution
AFFECTED SOFTWARE AND VERSION:
- microsoft windows-nt 2008
- microsoft windows_vista