Описание
Windows Explorer in Microsoft Windows Vista up to SP1, and Server 2008, allows user-assisted remote attackers to execute arbitrary code via crafted saved-search (.search-ms) files that are not properly handled when saving, aka "Windows Saved Search Vulnerability."
Ссылки
- Vendor Advisory
- US Government Resource
- Vendor Advisory
- US Government Resource
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:o:microsoft:windows-nt:2008:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*
EPSS
Процентиль: 98%
0.50685
Средний
9.3 Critical
CVSS2
Дефекты
CWE-94
Связанные уязвимости
github
почти 4 года назад
Windows Explorer in Microsoft Windows Vista up to SP1, and Server 2008, allows user-assisted remote attackers to execute arbitrary code via crafted saved-search (.search-ms) files that are not properly handled when saving, aka "Windows Saved Search Vulnerability."
EPSS
Процентиль: 98%
0.50685
Средний
9.3 Critical
CVSS2
Дефекты
CWE-94