Vulnerabilities > Microsoft > Windows Messenger > Critical
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2008-08-13 | CVE-2008-0082 | Information Exposure vulnerability in Microsoft Windows Messenger 4.7/5.1 An ActiveX control (Messenger.UIAutomation.1) in Windows Messenger 4.7 and 5.1 is marked as safe-for-scripting, which allows remote attackers to control the Messenger application, and "change state," obtain contact information, and establish audio or video connections without notification via unknown vectors. | 10.0 |
2004-11-23 | CVE-2004-0597 | Remote vulnerability in LibPNG Graphics Library Multiple buffer overflows in libpng 1.2.5 and earlier, as used in multiple products, allow remote attackers to execute arbitrary code via malformed PNG images in which (1) the png_handle_tRNS function does not properly validate the length of transparency chunk (tRNS) data, or the (2) png_handle_sBIT or (3) png_handle_hIST functions do not perform sufficient bounds checking. | 10.0 |