Windows Explorer Vulnerability in Microsoft Windows Vista and Server 2008
CVE-2008-1435

Currently unrated

Key Information:

Vendor: Microsoft
Status: Windows Vista; Windows-nt
Vendor: CVE Published:; 8 July 2008

What is CVE-2008-1435?

The vulnerability in Windows Explorer allows remote attackers to execute arbitrary code on user machines by tricking them into opening crafted saved-search (.search-ms) files. When these files are improperly handled by the system, they can lead to unauthorized actions, putting user data and system integrity at risk. The issue affects Microsoft Windows Vista up to Service Pack 1 and Windows Server 2008, necessitating prompt updates to mitigate potential threats.

References

https://oval.cisecurity.org/repository/search/definition/...

vdb-entrysignaturex_refsource_OVAL

https://docs.microsoft.com/en-us/security-updates/securit...

vendor-advisoryx_refsource_MS

http://secunia.com/advisories/30953

third-party-advisoryx_refsource_SECUNIA

EPSS Score

50% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 8, 2008
Vulnerability Reserved
Mar 21, 2008