CVE-2005-2225

Currently unrated

Key Information:

Vendor: Microsoft
Status: Msn Messenger Service
Vendor: CVE Published:; 12 July 2005

Summary

Microsoft MSN Messenger allows remote attackers to cause a denial of service via a plaintext message containing the ".pif" string, which is interpreted as a malicious file extension and causes users to be kicked from a group conversation. NOTE: it has been reported that Gaim is also affected, so this may be an issue in the protocol or MSN servers.

References

http://securitytracker.com/id?1014444

vdb-entryx_refsource_SECTRACK

http://www.digitalparadox.org/viewadvisories.ah?view=45

x_refsource_MISC

http://www.messenger-blog.com/?p=146

x_refsource_MISC

EPSS Score

1% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Jul 12, 2005
Vulnerability Reserved
Jul 12, 2005

Collectors

NVD DatabaseMitre Database