Lucene search

K

PRIOn knowledge basePRION:CVE-2008-4269

HistoryDec 10, 2008 - 2:00 p.m.

Design/Logic Flaw

2008-12-1014:00:00

PRIOn knowledge base

www.prio-n.com

1

7.5 High

AI Score

Confidence

Low

8.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:S/C:C/I:C/A:C

0.949 High

EPSS

Percentile

99.2%

The search-ms protocol handler in Windows Explorer in Microsoft Windows Vista Gold and SP1 and Server 2008 uses untrusted parameter data obtained from incorrect parsing, which allows remote attackers to execute arbitrary code via a crafted HTML document, aka “Windows Search Parsing Vulnerability.”

References

secunia.com/advisories/33053

www.securitytracker.com/id?1021366

www.us-cert.gov/cas/techalerts/TA08-344A.html

www.vupen.com/english/advisories/2008/3387

docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-075

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6110

7.5 High

AI Score

Confidence

Low

8.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:S/C:C/I:C/A:C

0.949 High

EPSS

Percentile

99.2%

Related for PRION:CVE-2008-4269

seebug1 cve1 saint4 checkpoint_advisories1 securityvulns2 nessus1 openvas2