cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2010-0278,https://securityvulnerability.io/vulnerability/CVE-2010-0278,,A certain ActiveX control in msgsc.14.0.8089.726.dll in Microsoft Windows Live Messenger 2009 build 14.0.8089.726 on Windows Vista and Windows 7 allows remote attackers to cause a denial of service (msnmsgr.exe crash) by calling the ViewProfile method with a crafted argument during an MSN Messenger session.,Microsoft,Windows Live Messenger,,,0.04473999887704849,false,false,false,false,,false,false,2010-01-12T17:00:00.000Z,0
CVE-2009-0647,https://securityvulnerability.io/vulnerability/CVE-2009-0647,,"msnmsgr.exe in Windows Live Messenger (WLM) 2009 build 14.0.8064.206, and other 14.0.8064.x builds, allows remote attackers to cause a denial of service (application crash) via a modified header in a packet, as possibly demonstrated by a UTF-8.0 value of the charset field in the Content-Type header line.  NOTE: this has been reported as a format string vulnerability by some sources, but the provenance of that information is unknown.",Microsoft,Windows Live Messenger,,,0.04854999855160713,false,false,false,false,,false,false,2009-02-19T16:00:00.000Z,0
CVE-2008-5828,https://securityvulnerability.io/vulnerability/CVE-2008-5828,,"Microsoft Windows Live Messenger Client 8.5.1 and earlier, when MSN Protocol Version 15 (MSNP15) is used over a NAT session, allows remote attackers to discover intranet IP addresses and port numbers by reading the (1) IPv4InternalAddrsAndPorts, (2) IPv4Internal-Addrs, and (3) IPv4Internal-Port header fields.",Microsoft,Windows Live Messenger,,,0.0035200000274926424,false,false,false,false,,false,false,2009-01-02T19:00:00.000Z,0
CVE-2008-5179,https://securityvulnerability.io/vulnerability/CVE-2008-5179,,"Unspecified vulnerability in Microsoft Office Communications Server (OCS), Office Communicator, and Windows Live Messenger allows remote attackers to cause a denial of service (crash) via a crafted Real-time Transport Control Protocol (RTCP) receiver report packet.",Microsoft,"Windows Live Messenger,Office Communicator,Office Communications Server",,,0.06476999819278717,false,false,false,false,,false,false,2008-11-20T15:00:00.000Z,0
CVE-2008-0082,https://securityvulnerability.io/vulnerability/CVE-2008-0082,,"An ActiveX control (Messenger.UIAutomation.1) in Windows Messenger 4.7 and 5.1 is marked as safe-for-scripting, which allows remote attackers to control the Messenger application, and ""change state,"" obtain contact information, and establish audio or video connections without notification via unknown vectors.",Microsoft,Windows Messenger,,,0.8309599757194519,false,false,false,false,,false,false,2008-08-13T00:00:00.000Z,0
CVE-2007-5144,https://securityvulnerability.io/vulnerability/CVE-2007-5144,,"Buffer overflow in the GDI engine in Windows Live Messenger, as used for Windows MSN Live 8.1, allows user-assisted remote attackers to cause a denial of service (application crash or system crash) and possibly execute arbitrary code by placing a malformed file in a new folder under the Sharing Folders path, and triggering a synchronize operation through the Windows MSN Live online service, possibly related to extended file attributes and possibly related to an incomplete fix for MS07-046, as demonstrated by a (1) .jpg, (2) .gif, (3) .wmf, (4) .doc, or (5) .ico file.",Microsoft,Windows Live Messenger,,,0.08032000064849854,false,false,false,false,,false,false,2007-10-01T00:00:00.000Z,0
CVE-2007-2931,https://securityvulnerability.io/vulnerability/CVE-2007-2931,,"Heap-based buffer overflow in Microsoft MSN Messenger 6.2, 7.0, and 7.5, and Live Messenger 8.0 allows user-assisted remote attackers to execute arbitrary code via unspecified vectors involving video conversation handling in Web Cam and video chat sessions.",Microsoft,"Msn Messenger,Windows Live Messenger",,,0.927590012550354,false,false,false,false,,false,false,2007-08-31T22:00:00.000Z,0
CVE-2006-6252,https://securityvulnerability.io/vulnerability/CVE-2006-6252,,"Microsoft Windows Live Messenger 8.0 and earlier, when gestual emoticons are enabled, allows remote attackers to cause a denial of service (CPU consumption) via a long string composed of "":D"" sequences, which are interpreted as emoticons.",Microsoft,Windows Live Messenger,,,0.004670000169426203,false,false,false,false,,false,false,2006-12-04T11:00:00.000Z,0
CVE-2006-3250,https://securityvulnerability.io/vulnerability/CVE-2006-3250,,"Heap-based buffer overflow in Windows Live Messenger 8.0 allows user-assisted attackers to execute arbitrary code via a crafted Contact List (.ctt) file, which triggers the overflow when it is imported by the user.",Microsoft,Windows Live Messenger,,,0.04194999858736992,false,false,false,false,,false,false,2006-06-27T18:00:00.000Z,0
CVE-2004-0597,https://securityvulnerability.io/vulnerability/CVE-2004-0597,,"Multiple buffer overflows in libpng 1.2.5 and earlier, as used in multiple products, allow remote attackers to execute arbitrary code via malformed PNG images in which (1) the png_handle_tRNS function does not properly validate the length of transparency chunk (tRNS) data, or the (2) png_handle_sBIT or (3) png_handle_hIST functions do not perform sufficient bounds checking.",Microsoft,"Msn Messenger,Libpng,Windows Messenger,Windows Media Player",,,0.917140007019043,false,false,false,false,,false,false,2004-11-23T05:00:00.000Z,0