CVE-2008-5828

Currently unrated

Key Information:

Vendor: Microsoft
Status: Windows Live Messenger
Vendor: CVE Published:; 2 January 2009

Summary

Microsoft Windows Live Messenger Client 8.5.1 and earlier, when MSN Protocol Version 15 (MSNP15) is used over a NAT session, allows remote attackers to discover intranet IP addresses and port numbers by reading the (1) IPv4InternalAddrsAndPorts, (2) IPv4Internal-Addrs, and (3) IPv4Internal-Port header fields.

References

http://securityreason.com/securityalert/4862

third-party-advisoryx_refsource_SREASON

http://www.securityfocus.com/archive/1/499624/100/0/threaded

mailing-listx_refsource_BUGTRAQ

Timeline

Vulnerability published
Jan 2, 2009
Vulnerability Reserved
Jan 2, 2009

Collectors

NVD DatabaseMitre Database