Computer Security
[EN] securityvulns.ru no-pyccku


Microsoft Windows Search information leak
Published:10.06.2009
Source:
SecurityVulns ID:9980
Type:local
Threat Level:
4/10
Description:Crossite scripting on search results.
Affected:MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
CVE:CVE-2009-0239 (Cross-site scripting (XSS) vulnerability in Windows Search 4.0 for Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 allows user-assisted remote attackers to inject arbitrary web script or HTML via a crafted file that appears in a preview in a search result, aka "Script Execution in Windows Search Vulnerability.")
Original documentdocumentMICROSOFT, Microsoft Security Bulletin MS09-023 - Moderate Vulnerability in Windows Search Could Allow Information Disclosure (963093) (10.06.2009)
Files:Microsoft Security Bulletin MS09-023 - Moderate Vulnerability in Windows Search Could Allow Information Disclosure (963093)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod