Vulnerabilities > CVE-2005-0562 - Unspecified vulnerability in Microsoft MSN Messenger 6.2
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
GIF file validation error in MSN Messenger 6.2 allows remote attackers in a user's contact list to execute arbitrary code via a GIF image with an improper height and width.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Nessus
NASL family | Windows : Microsoft Bulletins |
NASL id | SMB_NT_MS05-022.NASL |
description | The remote host is running MSN Messenger. The version of MSN Messenger used on the remote host is vulnerable to a remote buffer overflow in the way it handles GIF files (with height and width fields). An attacker may exploit this vulnerability to execute arbitrary code on the remote host. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 18025 |
published | 2005-04-12 |
reporter | This script is Copyright (C) 2005-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/18025 |
title | MS05-022: Vulnerability in MSN Messenger Could Lead to Remote Code Execution (896597) |
code |
|
Oval
accepted | 2013-07-08T04:02:56.930-04:00 | ||||||||||||||||||||
class | vulnerability | ||||||||||||||||||||
contributors |
| ||||||||||||||||||||
description | GIF file validation error in MSN Messenger 6.2 allows remote attackers in a user's contact list to execute arbitrary code via a GIF image with an improper height and width. | ||||||||||||||||||||
family | windows | ||||||||||||||||||||
id | oval:org.mitre.oval:def:4927 | ||||||||||||||||||||
status | accepted | ||||||||||||||||||||
submitted | 2005-04-19T12:00:00.000-04:00 | ||||||||||||||||||||
title | MSN Messenger GIF Size Buffer Overflow | ||||||||||||||||||||
version | 9 |
References
- http://secunia.com/advisories/14915/
- http://www.kb.cert.org/vuls/id/633446
- http://www.us-cert.gov/cas/techalerts/TA05-102A.html
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-022
- https://exchange.xforce.ibmcloud.com/vulnerabilities/19950
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4927