CVE-2005-2304

Microsoft MSN Messenger 9.0 and Internet Explorer 6.0 allows remote attackers to cause a denial of service crash via an image with an ICC Profile with a large Tag Count...

CVE-2002-1831

Microsoft MSN Messenger Service 1.0 through 4.6 allows remote attackers to cause a denial of service crash via an invite request that contains hex-encoded spaces %20 in the Invitation-Cookie field...

SUSE CVE-2010-0277

slp.c in the MSN protocol plugin in libpurple in Pidgin before 2.6.6, including 2.6.4, and Adium 1.3.8 allows remote attackers to cause a denial of service memory corruption and application crash or possibly have unspecified other impact via a malformed MSNSLP INVITE request in an SLP message, a...

SUSE CVE-2010-4528

directconn.c in the MSN protocol plugin in libpurple 2.7.6 through 2.7.8 in Pidgin before 2.7.9 allows remote authenticated users to cause a denial of service NULL pointer dereference and application crash via a short p2pv2 packet in a DirectConnect aka direct connection session...

DEBIAN-CVE-2013-6482

Pidgin before 2.10.8 allows remote MSN servers to cause a denial of service NULL pointer dereference and crash via a crafted 1 SOAP response, 2 OIM XML response, or 3 Content-Length header...

pidgin: Improper validation of incoming plaintext messages in MSN protocol plug-in

msg.c in the MSN protocol plugin in libpurple in Pidgin before 2.10.4 does not properly handle crafted characters, which allows remote servers to cause a denial of service application crash by placing these characters in a text/plain message...

CVE-2007-6728

Cross-site scripting XSS vulnerability in XMB 1.5 allows remote attackers to inject arbitrary web script or HTML via the MSN field during user registration...

pidgin: remote DoS via MSN message with crafted file name

Pidgin 2.4.1 allows remote attackers to cause a denial of service crash via a long filename that contains certain characters, as demonstrated using an MSN message that triggers the crash in the msnslplinkprocessmsg function...

Microsoft Messenger unauthorized ActiveX access

Messenger.UIAutomation.1 ActiveX allows access to applciation functionality...

CVE-2007-6511

Websense Enterprise 6.3.1 allows remote attackers to bypass content filtering by visiting http URLs with a 1 RealPlayer G2, 2 MSMSGS, or 3 StoneHttpAgent User-Agent header, which results in a Non-HTTP categorization...

PT-2005-3154 · Gaim +1 · Gaim +1

Name of the Vulnerable Software and Affected Versions: Microsoft MSN Messenger affected versions not specified Gaim affected versions not specified Description: The issue allows remote attackers to cause a denial of service by sending a plaintext message containing the ".pif" string. This string ...

EUVD-2002-1810

Microsoft MSN Messenger Service 1.0 through 4.6 allows remote attackers to cause a denial of service crash via an invite request that contains hex-encoded spaces %20 in the Invitation-Cookie field...

Microsoft Security Bulletin MS05-009 Vulnerability in PNG Processing Could Allow Remote Code Execution (890261)

Microsoft Security Bulletin MS05-009 Vulnerability in PNG Processing Could Allow Remote Code Execution 890261 Issued: February 8, 2005 Version: 1.0 Summary Who should read this document: Customers who use Microsoft Windows Media Player, Windows Messenger and MSN Messenger Impact of Vulnerability:...

Microsoft Messenger (Linux) - Denial of Service (MS03-043)

/ Mon Oct 20 14:26:55 NZDT 2003 Re-written By VeNoMouS to be ported to linux, and tidy it up a little. This was only like a 5 minute port but it works and has been tested. venomgen-x.co.nz greets to str0ke and defy DoS Proof of Concept for MS03-043 - exploitation shouldn't be too hard. Launching ...

Microsoft Messenger (Linux) - Denial of Service (MS03-043)

Microsoft Messenger Linux - Denial of Service MS03-043 / Mon Oct 20 14:26:55 NZDT 2003 Re-written By VeNoMouS to be ported to linux, and tidy it up a little. This was only like a 5 minute port but it works and has been tested. venomgen-x.co.nz greets to str0ke and defy DoS Proof of Concept for...

PT-2004-1313 · Microsoft · Msn Messenger

Name of the Vulnerable Software and Affected Versions: Microsoft MSN Messenger versions 6.0 through 6.1 Description: The issue allows remote attackers to read arbitrary files due to improper handling of certain requests. Recommendations: For Microsoft MSN Messenger versions 6.0 through 6.1, at th...

Buffer overflow in Microsoft Messenger Service

Overview There is a buffer overflow in the Microsoft Windows Messenger service that could allow an attacker to execute arbitrary code on most recent versions of Microsoft Windows. Description There is a buffer overflow vulnerability in the Microsoft Windows Messenger service. This could allow an...

CVE-2002-1698

Buffer overflow in Microsoft MSN Messenger Service 1.0 through 4.6 allows remote attackers to cause a denial of service crash via a long FN font argument in the message header...

Microsoft MSN Messenger Chat Control contains a buffer overflow in "ResDLL" parameter

Overview Microsoft's MSN Chat is an ActiveX control for Microsoft Messenger, an instant messaging client. A buffer overflow exists in the ActiveX control that may permit a remote attacker to execute arbitrary code on the system with the privileges of the current user. Description A buffer overflo...

CVE-2002-0228

Microsoft MSN Messenger allows remote attackers to use Javascript that references an ActiveX object to obtain sensitive information such as display names and web site navigation, and possibly more when the user is connected to certain Microsoft sites or DNS-spoofed sites...