Lucene search

Kaspersky LabKLA10397

HistoryAug 31, 2007 - 12:00 a.m.

KLA10397 ACE vulnerability in MSN & Live

2007-08-3100:00:00

Kaspersky Lab

threats.kaspersky.com

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.949 High

EPSS

Percentile

99.3%

JSON

Detect date:

08/31/2007

Severity:

Critical

Description:

A buffer overflow was found in Microsoft Live. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via unspecified vectors.

Affected products:

Microsoft MSN Messenger versions 6.2, 7.0 and 7.5
Microsoft Windows Live Messenger version 8.0

Solution:

Update to latest version

Impacts:

ACE

Related products:

Microsoft MSN Messenger

CVE-IDS:

CVE-2007-29319.3Critical

References

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2931

statistics.securelist.com/vulnerability-scan/month

threats.kaspersky.com/en/product/Microsoft-MSN-Messenger/

threats.kaspersky.com/en/product/Windows-Live-Messenger/

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.949 High

EPSS

Percentile

99.3%

JSON

Related for KLA10397