Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2009-0239

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2009-0239
Last Modified 21 Aug 2010 01:29:59
Published 10 Jun 2009 02:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2009-0239

Summary

Cross-site scripting (XSS) vulnerability in Windows Search 4.0 for Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 allows user-assisted remote attackers to inject arbitrary web script or HTML via a crafted file that appears in a preview in a search result, aka "Script Execution in Windows Search Vulnerability."

Vulnerable Systems

Application

  • Microsoft Windows Search 4.0


References

CERT - TA09-160A

MS - MS09-023

VUPEN - ADV-2009-1542

SECTRACK - 1022353

SECUNIA - 35366

OSVDB - 54935


Last Updated: 27 May 2016 10:50:10