Heap-based Buffer Overflow in Microsoft MSN Messenger and Live Messenger
CVE-2007-2931

Currently unrated

Key Information:

Vendor: Microsoft
Status: Msn Messenger; Windows Live Messenger
Vendor: CVE Published:; 31 August 2007

Summary

A vulnerability exists in Microsoft MSN Messenger and Live Messenger that allows user-assisted remote attackers to execute arbitrary code. This issue arises from a heap-based buffer overflow condition related to video conversation handling. Specifically, the flaw can be exploited during Web Cam and video chat sessions, posing significant risks to users and their data security.

References

http://secunia.com/advisories/26570

third-party-advisoryx_refsource_SECUNIA

https://exchange.xforce.ibmcloud.com/vulnerabilities/36314

vdb-entryx_refsource_XF

http://www.securityfocus.com/bid/25461

vdb-entryx_refsource_BID

EPSS Score

77% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Aug 31, 2007
Vulnerability Reserved
May 30, 2007