Executive Summary
Summary | |
---|---|
Title | Vulnerability in Windows Explorer Could Allow Remote Code Execution (950582) |
Informations | |||
---|---|---|---|
Name | MS08-038 | First vendor Publication | 2008-07-08 |
Vendor | Microsoft | Last vendor Modification | 2008-07-08 |
Severity (Vendor) | Important | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 9.3 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
This security update resolves a publicly reported vulnerability in Windows Explorer that could allow remote code execution when a specially crafted saved-search file is opened and saved. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:5600 | |||
Oval ID: | oval:org.mitre.oval:def:5600 | ||
Title: | Windows Saved Search Vulnerability | ||
Description: | Windows Explorer in Microsoft Windows Vista up to SP1, and Server 2008, allows user-assisted remote attackers to execute arbitrary code via crafted saved-search (.search-ms) files that are not properly handled when saving, aka "Windows Saved Search Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2008-1435 | Version: | 3 |
Platform(s): | Microsoft Windows Vista Microsoft Windows Server 2008 | Product(s): | |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2009-02-02 | Name : Microsoft Autorun Arbitrary Code Execution Vulnerability (08-038) File : nvt/secpod_ms08-038.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
46774 | Microsoft Windows Explorer Saved Search File Handling DoS |
43434 | Microsoft Windows Vista NoDriveTypeAutoRun Auto-Play Bypass |
Snort® IPS/IDS
Date | Description |
---|---|
2014-01-10 | Microsoft malformed saved search heap corruption attempt RuleID : 13893 - Revision : 17 - Type : FILE-OTHER |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2008-07-08 | Name : Vulnerabilities in the Windows Shell may allow an attacker to execute privile... File : smb_nt_ms08-038.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:46:00 |
|
2014-01-19 21:30:13 |
|
2013-05-11 00:49:20 |
|