VYPR
Unrated severityNVD Advisory· Published Jun 10, 2009· Updated Jun 16, 2026

CVE-2009-0239

CVE-2009-0239

Description

Cross-site scripting (XSS) vulnerability in Windows Search 4.0 for Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 allows user-assisted remote attackers to inject arbitrary web script or HTML via a crafted file that appears in a preview in a search result, aka "Script Execution in Windows Search Vulnerability."

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

3
  • cpe:2.3:a:microsoft:windows_search:4.0:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:microsoft:windows_search:4.0:*:*:*:*:*:*:*
    • (no CPE)range: 4.0
  • Range: XP SP2, XP SP3, Server 2003 SP2

Patches

Vulnerability mechanics

References

7

News mentions

0

No linked articles in our index yet.