Microsoft Msn Messenger — known CVE vulnerabilities
Every CVE whose affected-product data names Microsoft Msn Messenger, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (11)
CVE-2004-0597 — CVSS 10.0 (critical): Multiple buffer overflows in libpng 1.2.5 and earlier, as used in multiple products, allow remote attackers to execute arbitrary code via…
CVE-2007-2931 — CVSS 9.3 (critical): Heap-based buffer overflow in Microsoft MSN Messenger 6.2, 7.0, and 7.5, and Live Messenger 8.0 allows user-assisted remote attackers to…
CVE-2005-0562 — CVSS 7.5 (high): GIF file validation error in MSN Messenger 6.2 allows remote attackers in a user's contact list to execute arbitrary code via a GIF image…
CVE-2002-0155 — CVSS 7.5 (high): Buffer overflow in Microsoft MSN Chat ActiveX Control, as used in MSN Messenger 4.5 and 4.6, and Exchange Instant Messenger 4.5 and 4.6…
CVE-2002-1831 — CVSS 5.0 (medium): Microsoft MSN Messenger Service 1.0 through 4.6 allows remote attackers to cause a denial of service (crash) via an invite request that…
CVE-2004-0122 — CVSS 5.0 (medium): Microsoft MSN Messenger 6.0 and 6.1 does not properly handle certain requests, which allows remote attackers to read arbitrary files.
CVE-2007-3436 — CVSS 5.0 (medium): Microsoft MSN Messenger 4.7 on Windows XP allows remote attackers to cause a denial of service (resource consumption) via a flood of SIP…
CVE-2002-0228 — CVSS 5.0 (medium): Microsoft MSN Messenger allows remote attackers to use Javascript that references an ActiveX object to obtain sensitive information such as…
CVE-2002-0472 — CVSS 5.0 (medium): MSN Messenger Service 3.6, and possibly other versions, uses weak authentication when exchanging messages between clients, which allows…
CVE-2002-1698 — CVSS 5.0 (medium): Buffer overflow in Microsoft MSN Messenger Service 1.0 through 4.6 allows remote attackers to cause a denial of service (crash) via a long…
CVE-2006-0363 — CVSS 2.1 (low): The "Remember my Password" feature in MSN Messenger 7.5 stores passwords in an encrypted format under the HKEY_CURRENT_USER\Software\Microso…