CVE-2008-0082

Name of the Vulnerable Software and Affected Versions Windows Messenger versions 4.7 through 5.1

Description The issue allows remote attackers to control the Messenger application, change its state, obtain contact information, and establish audio or video connections without notification. This is due to an ActiveX control, Messenger.UIAutomation.1, being marked as safe-for-scripting.

Recommendations For Windows Messenger versions 4.7 through 5.1, consider disabling the Messenger.UIAutomation.1 ActiveX control as a temporary workaround to minimize the risk of exploitation. Restrict access to the Messenger application to prevent unauthorized control and data access.