2 matches found
CVE-2008-4268
The Windows Search component in Microsoft Windows Vista Gold and SP1 and Server 2008 does not properly free memory during a save operation for a Windows Search file, which allows remote attackers to execute arbitrary code via a crafted saved-search file, aka "Windows Saved Search Vulnerability."...
CVE-2008-1435
CVE-2008-1435 (Windows Saved Search Vulnerability) affects Windows Vista (up to SP1) and Windows Server 2008. A remote code execution flaw arises when saving crafted saved-search (.search-ms) files, due to insecure parsing/handling by Windows Explorer. Exploitation requires a user to open and sav...