 |
Name:
MS.Live.Messenger.Illegal.Access
|
Released Date:
Feb 15 2008
|
Severity:
medium
|
CVE:
2008-0082
|
MS Bulletin:
ms08-050
|
|
|
|
|
|
|
FortiGuard Center
> Vulnerability Encyclopedia
In-Depth Analysis
|
Description
|
This indicates an attempt to exploit multiple information disclosure vulnerabilities in Microsoft Windows Live Messenger.
With the information that is disclosed, a malicious attacker can control the local Live Messenger. The exploit also reveals personal information from Live Messenger and makes it possible to transfer local audio and video information to a remote location.
|
|
|
|
Impact
|
|
Information Disclosure: remote attackers can gain sensitive information from vulnerable systems.
|
|
|
|
Affected Products
|
Windows Messenger 4.7
Windows Messenger 5.1
|
|
Aliases
|
|
References
|
http://www.microsoft.com/technet/security/Bulletin/ms08-050.mspx
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2008-0082
|
|
Recommended Actions
|
Refer to the vendor's web site for suggested workaround.
http://www.microsoft.com/technet/security/Bulletin/08-050.mspx
|
|
