CVSS: 5.5EPSS: 26%CPEs: 3EXPL: 2CVE-2010-0278 – Microsoft Windows Live Messenger 2009 - ActiveX Denial of Service
https://notcve.org/view.php?id=CVE-2010-0278
12 Jan 2010 — A certain ActiveX control in msgsc.14.0.8089.726.dll in Microsoft Windows Live Messenger 2009 build 14.0.8089.726 on Windows Vista and Windows 7 allows remote attackers to cause a denial of service (msnmsgr.exe crash) by calling the ViewProfile method with a crafted argument during an MSN Messenger session. Cierto control ActiveX en msgsc.14.0.8089.726.dll in Microsoft Windows Live Messenger 2009 build v14.0.8089.726 en Windows Vista y Windows v7 permite a atacantes remotos producir una denegación de servic... • https://www.exploit-db.com/exploits/11070 •
CVSS: 7.5EPSS: 18%CPEs: 1EXPL: 0CVE-2009-0647
https://notcve.org/view.php?id=CVE-2009-0647
19 Feb 2009 — msnmsgr.exe in Windows Live Messenger (WLM) 2009 build 14.0.8064.206, and other 14.0.8064.x builds, allows remote attackers to cause a denial of service (application crash) via a modified header in a packet, as possibly demonstrated by a UTF-8.0 value of the charset field in the Content-Type header line. NOTE: this has been reported as a format string vulnerability by some sources, but the provenance of that information is unknown. El archivo msnmsgr.exe en Windows Live Messenger (WLM) 2009, build 14.0.8064... • http://secunia.com/advisories/33985 • CWE-20: Improper Input Validation •