Lucene search

[email protected]CVE-2006-6252

HistoryDec 04, 2006 - 11:28 a.m.

CVE-2006-6252

2006-12-0411:28:00

[email protected]

web.nvd.nist.gov

microsoft

windows

live messenger

cve-2006-6252

denial of service

cpu consumption

gestual emoticons

remote attackers

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

6.9 Medium

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

73.3%

JSON

Microsoft Windows Live Messenger 8.0 and earlier, when gestual emoticons are enabled, allows remote attackers to cause a denial of service (CPU consumption) via a long string composed of “:D” sequences, which are interpreted as emoticons.

Affected configurations

NVD

Node

microsoftwindows_live_messengerRange≤8.0

CPENameOperatorVersion
microsoft:windows_live_messengermicrosoft windows live messengerle8.0

CPE	Name	Operator	Version
microsoft:windows_live_messenger	microsoft windows live messenger	le	8.0

References

www.securityfocus.com/archive/1/452620/100/0/threaded

www.securityfocus.com/archive/1/452645/100/0/threaded

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

6.9 Medium

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

73.3%

JSON

Related for CVE-2006-6252

nvd1 cvelist1