CVE-2008-1457

CVE-2008-1457 · HIGH Severity

AV:N/AC:L/AU:S/C:C/I:C/A:C

The Event System in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 does not properly validate per-user subscriptions, which allows remote authenticated users to execute arbitrary code via a crafted event subscription request.

Learn more about our Cis Benchmark Audit For Server Software.