FILE-IDENTIFY -- Snort has detecte File Type indicators associated with packet data, which it will use to facilitate a flowbit, a method of stringing rules together. In a flowbit, one rule examines packets for file type indications, which it uses to switch rules pertaining to that file type from a dormant to active state in order to process the appropriate packets. File-type rules stay dormant to prevent alerts on innocent traffic. That same traffic, when contained in, for instance, a .doc file attached to an email, might be a threat and should be scanned.
FILE-IDENTIFY Microsoft search file download request
The Windows Search component in Microsoft Windows Vista Gold and SP1 and Server 2008 does not properly free memory during a save operation for a Windows Search file, which allows remote attackers to execute arbitrary code via a crafted saved-search file, aka "Windows Saved Search Vulnerability." Impact: CVSS base score 8.5 CVSS impact score 10.0 CVSS exploitability score 6.8 confidentialityImpact COMPLETE integrityImpact COMPLETE availabilityImpact COMPLETE Details: Ease of Attack:
No information provided
No public information
No known false positives
Talos research team. This document was generated from data supplied by the national vulnerability database, a product of the national institute of standards and technology. For more information see [nvd].
No rule groups
CVE-2008-4268 |
Loading description
|