Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2009-0239


Vulnerability Score 4.3 4.3
CVE Id CVE-2009-0239
Last Modified 21 Aug 2010 01:29:59
Published 10 Jun 2009 02:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE



Cross-site scripting (XSS) vulnerability in Windows Search 4.0 for Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 allows user-assisted remote attackers to inject arbitrary web script or HTML via a crafted file that appears in a preview in a search result, aka "Script Execution in Windows Search Vulnerability."

Vulnerable Systems


  • Microsoft Windows Search 4.0


CERT - TA09-160A

MS - MS09-023

VUPEN - ADV-2009-1542

SECTRACK - 1022353

SECUNIA - 35366

OSVDB - 54935

Last Updated: 27 May 2016 10:50:10