PT-2007-4229 · Microsoft · Msn Messenger+1

Published

2007-08-31

Updated

2018-10-12

CVE-2007-2931

CVSS v2.0

9.3

High

Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Microsoft MSN Messenger versions 6.2 through 7.5 Microsoft Live Messenger version 8.0

Description The issue is related to a heap-based buffer overflow that can be triggered during video conversation handling in Web Cam and video chat sessions, potentially allowing remote attackers to execute arbitrary code.

Recommendations For Microsoft MSN Messenger versions 6.2 through 7.5, update to a version that is not affected by this issue. For Microsoft Live Messenger version 8.0, update to a version that is not affected by this issue. As a temporary workaround, consider disabling video conversation handling in Web Cam and video chat sessions until a patch is available.

Exploit

Fix

Buffer Overflow

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-119CWE-20

Related Identifiers

CVE-2007-2931

Affected Products

Live Messenger

Msn Messenger

PT-2007-4229 · Microsoft · Msn Messenger+1

CVE-2007-2931

Weakness Enumeration

Related Identifiers

Affected Products

References · 14