Remote Code Execution Vulnerability in Microsoft Windows Live Messenger 2009
CVE-2010-0278

Currently unrated

Key Information:

Vendor

Microsoft
Status
Windows Live Messenger
Vendor
CVE Published:
12 January 2010

What is CVE-2010-0278?

An ActiveX control in Microsoft Windows Live Messenger 2009 allows remote attackers to trigger a denial of service condition. By manipulating the ViewProfile method with specially crafted arguments during a session, an attacker can cause the application (msnmsgr.exe) to crash, disrupting the user's ability to utilize the messaging service. This vulnerability affects users on the Windows Vista and Windows 7 platforms.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.securityfocus.com/bid/37680
vdb-entryx_refsource_BID
http://www.securityfocus.com/archive/1/508811/100/0/threaded
mailing-listx_refsource_BUGTRAQ

EPSS Score

24% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.