2 results (0.002 seconds)

CVSS: 5.0EPSS: 1%CPEs: 1EXPL: 3

Microsoft MSN Messenger allows remote attackers to cause a denial of service via a plaintext message containing the ".pif" string, which is interpreted as a malicious file extension and causes users to be kicked from a group conversation. NOTE: it has been reported that Gaim is also affected, so this may be an issue in the protocol or MSN servers. • http://securitytracker.com/id?1014444 http://www.digitalparadox.org/viewadvisories.ah?view=45 http://www.messenger-blog.com/?p=146 •

CVSS: 7.5EPSS: 5%CPEs: 5EXPL: 0

Buffer overflow in Microsoft MSN Chat ActiveX Control, as used in MSN Messenger 4.5 and 4.6, and Exchange Instant Messenger 4.5 and 4.6, allows remote attackers to execute arbitrary code via a long ResDLL parameter in the MSNChat OCX. Desbordamiento de búfer en el control ActiveX Microsoft MSN Chat, usado en MSN Messenger 4.5 y 4.6, y Exchange Instant Messenger 4.5 y 4.6, permite a atacantes remotos ejecutar código arbitrario mediante un parámetro ResDLL largo en el OCX MSNChat. • http://marc.info/?l=bugtraq&m=102089960531919&w=2 http://www.cert.org/advisories/CA-2002-13.html http://www.iss.net/security_center/static/9041.php http://www.securityfocus.com/bid/4707 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-022 •