CVE-2006-3250

Currently unrated

Key Information:

Vendor: Microsoft
Status: Windows Live Messenger
Vendor: CVE Published:; 27 June 2006

Summary

Heap-based buffer overflow in Windows Live Messenger 8.0 allows user-assisted attackers to execute arbitrary code via a crafted Contact List (.ctt) file, which triggers the overflow when it is imported by the user.

References

http://www.jaascois.com/exploits/18602016/

x_refsource_MISC

http://www.securityfocus.com/archive/1/438442/100/0/threaded

mailing-listx_refsource_BUGTRAQ

http://securitydot.net/xpl/exploits/vulnerabilities/artic...

x_refsource_MISC

EPSS Score

4% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Jun 27, 2006
Vulnerability Reserved
Jun 27, 2006

Collectors

NVD DatabaseMitre Database