- Description
- The Windows Search component in Microsoft Windows Vista Gold and SP1 and Server 2008 does not properly free memory during a save operation for a Windows Search file, which allows remote attackers to execute arbitrary code via a crafted saved-search file, aka "Windows Saved Search Vulnerability."
- Source
- secure@microsoft.com
- NVD status
- Deferred
CVSS 2.0
- Type
- Primary
- Base score
- 8.5
- Impact score
- 10
- Exploitability score
- 6.8
- Vector string
- AV:N/AC:M/Au:S/C:C/I:C/A:C
- nvd@nist.gov
- CWE-399
- Hype score
- Not currently trending
- Comment
- http://www.microsoft.com/technet/security/Bulletin/MS08-075.mspx Windows Saved Search Vulnerability - CVE-2008-4268 A remote code execution vulnerability exists when saving a specially crafted search file within Windows Explorer. This operation causes Windows Explorer to exit and restart in an exploitable manner.
- Impact
- -
- Solution
- -
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6B33C9BD-FC34-4DFC-A81F-C620D3DAA79D"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:itanium:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7F6EA111-A4E6-4963-A0C8-F9336C605B6E"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:x32:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9CFB1A97-8042-4497-A45D-C014B5E240AB"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:x64:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7F9C7616-658D-409D-8B53-AC00DC55602A"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:x64:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1DD1D5ED-FE7C-4ADF-B3AF-1F13E51B4FB5"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_vista:*:gold:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D34A558F-A656-43EB-AC52-C3710F77CDD8"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C162FFF0-1E8F-4DCF-A08F-6C6E324ED878"
}
],
"operator": "OR"
}
]
}
]