HomePentest-Tools.com Logo

Blended Threat Vulnerability in SearchPath Could Allow Elevation of Privilege (959426) CVE-2008-2540

Severity
Not available
CVSSv3 Score
Not available
Vulnerability description

This host is missing a critical security update according to Microsoft Bulletin MS09-015.

Risk description

The flaw is due to an error in the way SearchPath function in Windows locates and opens files on the system. Remote attackers could execute arbitrary code by convincing a user to download a crafted file to a specific location, and then open an application that loads the file.

Recommendation

The vendor has released updates. Please see the references for more information.

Codename
Not available
Detectable with
Network Scanner
Scan engine
OpenVAS
Exploitable with Sniper
No
CVE Published
Jun 3, 2008
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available