CVE-2009-0239

Name of the Vulnerable Software and Affected Versions Windows Search versions 4.0

Description A cross-site scripting (XSS) issue allows user-assisted remote attackers to inject arbitrary web script or HTML via a crafted file that appears in a preview in a search result.

Recommendations For Windows Search version 4.0, update to a newer version to mitigate the risk.