Astra Linux - уязвимость в thunderbird

The ms-msdt, search, and search-ms protocols deliver content to Microsoft applications, bypassing the browser, when a user accepts a prompt. These applications have known vulnerabilities that have been exploited in the wild although we know of none exploited through Thunderbird. Therefore, in thi...

Initial Access – search-ms URI Handler

Microsoft search protocol enables clients to initiate connections against an enterprise search service such as SharePoint or WebDav. During these search connections the protocol server… Continue reading - Initial Access - search-ms URI Handler...

The Tale of Two Exploits - Breaking Down CVE-2023-36884 and the Infection Chain

The Tale of Two Exploits - Breaking Down CVE-2023-36884 and the Infection Chain By Chintan Shah · August 24, 2023 Executive Summary On July 11 2023, Microsoft released a patch fixing multiple actively exploited RCE vulnerabilities and disclosed a phishing campaign conducted by the threat actor,...

New Attack Alert: Freeze[.]rs Injector Weaponized for XWorm Malware Attacks

Malicious actors are using a legitimate Rust-based injector called Freeze.rs to deploy a commodity malware called XWorm in victim environments. The novel attack chain, detected by Fortinet FortiGuard Labs on July 13, 2023, is initiated via a phishing email containing a booby-trapped PDF file. It...

CVE-2022-34478

The ms-msdt, search, and search-ms protocols deliver content to Microsoft applications, bypassing the browser, when a user accepts a prompt. These applications have had known vulnerabilities, exploited in the wild although we know of none exploited through Thunderbird, so in this release...

CVE-2022-34478

Summary: CVE-2022-34478 affects Thunderbird on Windows, where the ms-msdt, search, and search-ms protocols could deliver content to Microsoft apps via prompts opened by user interaction. The underlying risk is exploitation of a prompt-based handling in these protocols that bypasses the browser. T...

CVE-2022-34478

The ms-msdt, search, and search-ms protocols deliver content to Microsoft applications, bypassing the browser, when a user accepts a prompt. These applications have had known vulnerabilities, exploited in the wild although we know of none exploited through Thunderbird, so in this release...

Mozilla Firefox ESR < 91.11

The version of Firefox ESR installed on the remote Windows host is prior to 91.11. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2022-25 advisory. - The Mozilla Fuzzing Team reported potential vulnerabilities present in Firefox 101 and Firefox ESR 91.10. Some of...

Windows search-ms protocol handler command execution vulnerability

Added: 12/11/2008 CVE: CVE-2008-4269 BID: 32652 OSVDB: 50566 Background The search-ms protocol allows applications to query the Windows Search index. Problem A vulnerability in Windows allows command execution when a user follows a specially crafted search-ms URL which passes arbitrary arguments ...

Microsoft Windows search-ms协议解析远程代码执行漏洞（MS08-075）

BUGTRAQ ID: 32652 CVECAN ID: CVE-2008-4269 Microsoft Windows是微软发布的非常流行的操作系统。 Windows资源管理器在解析search-ms协议时没有正确地处理参数，如果用户访问了恶意站点并通过特殊方式调用了search-ms协议处理器的话，就可能导致执行任意代码。 Microsoft Windows Vista SP1 Microsoft Windows Vista Microsoft Windows Server 2008 临时解决方法： 在Windows资源管理器中禁用search-ms协议处理程序。 使用交互方法 1...

Windows search-ms protocol handler command execution vulnerability

Added: 12/11/2008 CVE: CVE-2008-4269 BID: 32652 OSVDB: 50566 Background The search-ms protocol allows applications to query the Windows Search index. Problem A vulnerability in Windows allows command execution when a user follows a specially crafted search-ms URL which passes arbitrary arguments ...

CVE-2008-4269

The search-ms protocol handler in Windows Explorer in Microsoft Windows Vista Gold and SP1 and Server 2008 uses untrusted parameter data obtained from incorrect parsing, which allows remote attackers to execute arbitrary code via a crafted HTML document, aka "Windows Search Parsing Vulnerability....

PT-2008-5549 · Microsoft · Windows Server 2008 +3

Name of the Vulnerable Software and Affected Versions: Microsoft Windows versions prior to the fixed version Description: The issue concerns a remote code execution vulnerability in Windows Explorer. It allows an attacker to construct a malicious web page that includes a call to the search-ms...

Microsoft Windows Search multiple security vulnerabilities

Code execution with saved search results and with search-ms: URI...

Microsoft Windows 'search-ms' Protocol Parsing Remote Code Execution Vulnerability

Description Microsoft Windows Explorer is prone to a remote code-execution vulnerability that affects the 'search-ms' protocol handler. An attacker could exploit this issue by enticing a victim to visit a maliciously crafted website. Successfully exploiting this issue would allow the attacker to...

Microsoft Windows search-ms Protocol Handler Command Execution (MS08-075; CVE-2008-4269)

Windows Search is a standard component of Windows Vista that allows instant search capabilities for most common file and data types.Windows Search has XML-based files that save information about a search in Windows. A remote code execution vulnerability was reported in Windows Explorer which allo...