Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-4268

Overview

Vulnerability Score 8.5 8.5
CVE Id CVE-2008-4268
Last Modified 07 Mar 2011 10:12:12
Published 10 Dec 2008 09:00:01
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication SINGLE_INSTANCE

CVE-2008-4268

Summary

The Windows Search component in Microsoft Windows Vista Gold and SP1 and Server 2008 does not properly free memory during a save operation for a Windows Search file, which allows remote attackers to execute arbitrary code via a crafted saved-search file, aka "Windows Saved Search Vulnerability."

Vulnerable Systems

Operating System

  • Microsoft Windows Server 2008

  • Microsoft Windows Vista


References

CERT - TA08-344A

VUPEN - ADV-2008-3387

SECTRACK - 1021366

MS - MS08-075

SECUNIA - 33053


Last Updated: 27 May 2016 10:48:26