Denial of Service Vulnerability in Microsoft MSN Messenger on Windows XP
CVE-2007-3436

Currently unrated

Key Information:

Vendor: Microsoft
Status: Msn Messenger
Vendor: CVE Published:; 27 June 2007

Summary

The vulnerability in Microsoft MSN Messenger version 4.7 allows remote attackers to exploit the application through a flood of SIP INVITE requests directed at the designated port used for voice conversations. This results in resource consumption leading to a denial of service, potentially disrupting communication and causing the application to become unresponsive.

References

http://osvdb.org/45427

vdb-entryx_refsource_OSVDB

http://www.sipera.com/index.php?action=resources%2Cthreat...

x_refsource_MISC

https://exchange.xforce.ibmcloud.com/vulnerabilities/35064

vdb-entryx_refsource_XF

EPSS Score

17% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Jun 27, 2007
Vulnerability Reserved
Jun 26, 2007