CVE-2008-0082

Currently unrated

Key Information:

Vendor: Microsoft
Status: Windows Messenger
Vendor: CVE Published:; 13 August 2008

Summary

An ActiveX control (Messenger.UIAutomation.1) in Windows Messenger 4.7 and 5.1 is marked as safe-for-scripting, which allows remote attackers to control the Messenger application, and "change state," obtain contact information, and establish audio or video connections without notification via unknown vectors.

References

https://oval.cisecurity.org/repository/search/definition/...

vdb-entrysignaturex_refsource_OVAL

http://www.vupen.com/english/advisories/2008/2354

vdb-entryx_refsource_VUPEN

http://www.us-cert.gov/cas/techalerts/TA08-225A.html

third-party-advisoryx_refsource_CERT

EPSS Score

83% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Aug 13, 2008
Vulnerability Reserved
Jan 3, 2008

Collectors

NVD DatabaseMitre Database