Vulnerabilities > CVE-2005-2225 - Unspecified vulnerability in Microsoft MSN Messenger Service

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

microsoft

NVD

Published: 2005-07-12

Updated: 2024-02-14

Summary

Microsoft MSN Messenger allows remote attackers to cause a denial of service via a plaintext message containing the ".pif" string, which is interpreted as a malicious file extension and causes users to be kicked from a group conversation. NOTE: it has been reported that Gaim is also affected, so this may be an issue in the protocol or MSN servers.

Vulnerable Configurations

Part	Description	Count
Application	Microsoft Microsoft MSN Messenger Service *	1

References

http://www.digitalparadox.org/viewadvisories.ah?view=45
http://www.messenger-blog.com/?p=146
http://securitytracker.com/id?1014444