Microsoft Windows Live Messenger Client 8.5.1 and earlier, when MSN Protocol Version 15 (MSNP15) is used over a NAT session, allows remote attackers to discover intranet IP addresses and port numbers by reading the (1) IPv4InternalAddrsAndPorts, (2) IPv4Internal-Addrs, and (3) IPv4Internal-Port header fields.
CPE | Name | Operator | Version |
---|---|---|---|
windows_live_messenger | le | 8.5.1 | |
windows_live_messenger | eq | 8.1 | |
windows_live_messenger | eq | 8.0 | |
windows_live_messenger | eq | 8.5 |