CVSS: 7.5EPSS: 9%CPEs: 1EXPL: 3CVE-2005-2225
https://notcve.org/view.php?id=CVE-2005-2225
12 Jul 2005 — Microsoft MSN Messenger allows remote attackers to cause a denial of service via a plaintext message containing the ".pif" string, which is interpreted as a malicious file extension and causes users to be kicked from a group conversation. NOTE: it has been reported that Gaim is also affected, so this may be an issue in the protocol or MSN servers. • http://securitytracker.com/id?1014444 •
CVSS: 9.8EPSS: 19%CPEs: 5EXPL: 0CVE-2002-0155
https://notcve.org/view.php?id=CVE-2002-0155
29 May 2002 — Buffer overflow in Microsoft MSN Chat ActiveX Control, as used in MSN Messenger 4.5 and 4.6, and Exchange Instant Messenger 4.5 and 4.6, allows remote attackers to execute arbitrary code via a long ResDLL parameter in the MSNChat OCX. Desbordamiento de búfer en el control ActiveX Microsoft MSN Chat, usado en MSN Messenger 4.5 y 4.6, y Exchange Instant Messenger 4.5 y 4.6, permite a atacantes remotos ejecutar código arbitrario mediante un parámetro ResDLL largo en el OCX MSNChat. • http://marc.info/?l=bugtraq&m=102089960531919&w=2 •