CVE-2010-0278

Currently unrated

Key Information:

Vendor: Microsoft
Status: Windows Live Messenger
Vendor: CVE Published:; 12 January 2010

Summary

A certain ActiveX control in msgsc.14.0.8089.726.dll in Microsoft Windows Live Messenger 2009 build 14.0.8089.726 on Windows Vista and Windows 7 allows remote attackers to cause a denial of service (msnmsgr.exe crash) by calling the ViewProfile method with a crafted argument during an MSN Messenger session.

References

http://www.securityfocus.com/bid/37680

vdb-entryx_refsource_BID

http://www.securityfocus.com/archive/1/508811/100/0/threaded

mailing-listx_refsource_BUGTRAQ

EPSS Score

4% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Jan 12, 2010
Vulnerability Reserved
Jan 12, 2010

Collectors

NVD DatabaseMitre Database