Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
msn messenger vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2002-1831
Microsoft MSN Messenger Service 1.0 up to and including 4.6 allows remote malicious users to cause a denial of service (crash) via an invite request that contains hex-encoded spaces (%20) in the Invitation-Cookie field.
Microsoft Msn Messenger 2.0
Microsoft Msn Messenger 3.0
Microsoft Msn Messenger 3.6
Microsoft Msn Messenger 4.0
Microsoft Msn Messenger 4.5
Microsoft Msn Messenger 4.6
Microsoft Msn Messenger 1.0
Microsoft Msn Messenger 2.2
1 EDB exploit
5
CVSSv2
CVE-2002-1698
Buffer overflow in Microsoft MSN Messenger Service 1.0 up to and including 4.6 allows remote malicious users to cause a denial of service (crash) via a long FN (font) argument in the message header.
Microsoft Msn Messenger 3.0
Microsoft Msn Messenger 3.6
Microsoft Msn Messenger 1.0
Microsoft Msn Messenger 2.0
Microsoft Msn Messenger 2.2
Microsoft Msn Messenger 4.0
Microsoft Msn Messenger 4.5
Microsoft Msn Messenger 4.6
5
CVSSv2
CVE-2002-0472
MSN Messenger Service 3.6, and possibly other versions, uses weak authentication when exchanging messages between clients, which allows remote malicious users to spoof messages from other users.
Microsoft Msn Messenger 3.6
5
CVSSv2
CVE-2002-0228
Microsoft MSN Messenger allows remote malicious users to use Javascript that references an ActiveX object to obtain sensitive information such as display names and web site navigation, and possibly more when the user is connected to certain Microsoft sites (or DNS-spoofed sites).
Microsoft Msn Messenger 3.0
Microsoft Msn Messenger 4.0
Microsoft Msn Messenger 4.5
Microsoft Msn Messenger 4.6
Microsoft Msn Messenger 2.2
4.3
CVSSv2
CVE-2010-0278
A certain ActiveX control in msgsc.14.0.8089.726.dll in Microsoft Windows Live Messenger 2009 build 14.0.8089.726 on Windows Vista and Windows 7 allows remote malicious users to cause a denial of service (msnmsgr.exe crash) by calling the ViewProfile method with a crafted argumen...
Microsoft Windows Live Messenger 2009
1 EDB exploit
4.3
CVSSv2
CVE-2007-5144
Buffer overflow in the GDI engine in Windows Live Messenger, as used for Windows MSN Live 8.1, allows user-assisted remote malicious users to cause a denial of service (application crash or system crash) and possibly execute arbitrary code by placing a malformed file in a new fol...
Microsoft Windows Live Messenger 8.1
4.3
CVSSv2
CVE-2006-3539
Multiple cross-site scripting (XSS) vulnerabilities in DKScript.com Dragon's Kingdom Script 1.0 allow remote malicious users to inject arbitrary web script or HTML via a javascript URI in the SRC attribute of an IMG element in the (1) Subject and (2) Message fields in a do=w...
Dkscript Dragons Kingdom Script 1.0
2.6
CVSSv2
CVE-2006-4066
The Graphical Device Interface Plus library (gdiplus.dll) in Microsoft Windows XP SP2 allows context-dependent malicious users to cause a denial of service (application crash) via certain images that trigger a divide-by-zero error, as demonstrated by a (1) .ico file, (2) .png fil...
Microsoft Windows Xp
2.1
CVSSv2
CVE-2006-0363
The "Remember my Password" feature in MSN Messenger 7.5 stores passwords in an encrypted format under the HKEY_CURRENT_USER\Software\Microsoft\IdentityCRL\Creds registry key, which might allow local users to obtain the original passwords via a program that calls CryptUn...
Microsoft Msn Messenger 7.5
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7028
memory leak
log injection
CVE-2024-3400
CVE-2022-48695
CVE-2022-48675
CVE-2024-34487
CVE-2024-33792
spoof
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3