Vulnerability Note VU#468227

Microsoft Vista and Server 2008 vulnerable to memory corruption via saved search

Original Release date: 09 Dec 2008 | Last revised: 09 Dec 2008

Overview

Microsoft Windows Vista and Server 2008 contain a memory corruption vulnerability when saving a specially crafted search file. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system.

Description

In Windows Vista and Server 2008, users can save searches as a search folder that is generated by a .search-ms XML file. Microsoft Windows fails to properly parse .search-ms files, which can result in memory corruption.

Impact

By convincing a user to save a specially crafted search specified by a .search-ms file, a remote, unauthenticated attacker may be able to execute arbitrary code on a vulnerable system.

Solution

Apply an update

This vulnerability is addressed in Microsoft Security Bulletin MS08-075. This bulletin also includes several workarounds, including changing the file association for .search-ms files and denying the ability to save searches.

Systems Affected (Learn More)

VendorStatusDate NotifiedDate Updated
Microsoft CorporationAffected-09 Dec 2008
If you are a vendor and your product is affected, let us know.

CVSS Metrics (Learn More)

Group Score Vector
Base N/A N/A
Temporal N/A N/A
Environmental N/A N/A

References

Credit

Thanks to Andre Protas of eEye for reporting this vulnerability.

This document was written by Will Dormann.

Other Information

  • CVE IDs: CVE-2008-4268
  • Date Public: 09 Dec 2008
  • Date First Published: 09 Dec 2008
  • Date Last Updated: 09 Dec 2008
  • Severity Metric: 4.39
  • Document Revision: 6

Feedback

If you have feedback, comments, or additional information about this vulnerability, please send us email.