SAINT CorporationSAINT:F67FB23669C83B42AB39FE6D45FCDD43Windows search-ms protocol handler command execution vulnerability
8.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:S/C:C/I:C/A:C
0.946 High
EPSS
Percentile
99.2%
Added: 12/11/2008
CVE: CVE-2008-4269
BID: 32652
OSVDB: 50566
Background
The search-ms protocol allows applications to query the Windows Search index.
Problem
A vulnerability in Windows allows command execution when a user follows a specially crafted search-ms URL which passes arbitrary arguments to Windows Explorer.
Resolution
Apply the patch referenced in Microsoft Security Bulletin 08-075.
References
<http://www.microsoft.com/technet/security/bulletin/ms08-075.mspx>
Limitations
Exploit works on Windows Vista SP0 and requires the target to have access to the specified share.
Before this exploit can succeed, the /exploit.exe file must be downloaded from the exploit server and saved on the specified share.
Platforms
Windows Vista
Related
8.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:S/C:C/I:C/A:C
0.946 High
EPSS
Percentile
99.2%