) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:a:microsoft:windows_live_messenger:-:*:*:*:*:*:*:*
- CPE Name Search: true
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2009-2544 |
Directory traversal vulnerability in the Marcelo Costa FileServer component 1.0 for Microsoft Windows Live Messenger and Messenger Plus! Live (MPL) allows remote authenticated users to list arbitrary directories and read arbitrary files via a .. (dot dot) in a pathname. Published: July 20, 2009; 2:30:01 PM -0400 |
V3.x:(not available) V2.0: 6.8 MEDIUM |
| CVE-2008-5828 |
Microsoft Windows Live Messenger Client 8.5.1 and earlier, when MSN Protocol Version 15 (MSNP15) is used over a NAT session, allows remote attackers to discover intranet IP addresses and port numbers by reading the (1) IPv4InternalAddrsAndPorts, (2) IPv4Internal-Addrs, and (3) IPv4Internal-Port header fields. Published: January 02, 2009; 2:30:01 PM -0500 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
| CVE-2008-5179 |
Unspecified vulnerability in Microsoft Office Communications Server (OCS), Office Communicator, and Windows Live Messenger allows remote attackers to cause a denial of service (crash) via a crafted Real-time Transport Control Protocol (RTCP) receiver report packet. Published: November 20, 2008; 10:30:00 AM -0500 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
| CVE-2006-6252 |
Microsoft Windows Live Messenger 8.0 and earlier, when gestual emoticons are enabled, allows remote attackers to cause a denial of service (CPU consumption) via a long string composed of ":D" sequences, which are interpreted as emoticons. Published: December 04, 2006; 6:28:00 AM -0500 |
V3.x:(not available) V2.0: 4.3 MEDIUM |