Remote Code Execution Vulnerability in MSN Messenger by Microsoft
CVE-2005-0562

Currently unrated

Key Information:

Vendor: Microsoft
Status: Msn Messenger
Vendor: CVE Published:; 12 April 2005

Summary

A vulnerability in MSN Messenger 6.2 allows remote attackers, who are in a user's contact list, to execute arbitrary code by sending a crafted GIF image with incorrect height and width parameters. If successful, this exploitation enables the attacker to gain control over the affected system. Proper validation of GIF files is essential to mitigate such risks and safeguard user data.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/19950

vdb-entryx_refsource_XF

http://www.kb.cert.org/vuls/id/633446

third-party-advisoryx_refsource_CERT-VN

http://secunia.com/advisories/14915/

third-party-advisoryx_refsource_SECUNIA

EPSS Score

40% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Apr 12, 2005
Vulnerability Reserved
Feb 26, 2005