CVE-2005-2225

Name of the Vulnerable Software and Affected Versions: Microsoft MSN Messenger (affected versions not specified) Gaim (affected versions not specified)

Description: The issue allows remote attackers to cause a denial of service by sending a plaintext message containing the ".pif" string. This string is interpreted as a malicious file extension, resulting in users being kicked from a group conversation. It has been reported that this issue may not be specific to Microsoft MSN Messenger, as Gaim is also affected, suggesting a potential problem in the protocol or MSN servers.

Recommendations: For Microsoft MSN Messenger, avoid using the protocol to send or receive messages containing the .pif string until a fix is available. For Gaim, restrict the use of the MSN protocol to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.