Searching msn software vulnerabilities

Buffer overflow in MSN Setup BBS 4.71.0.10 Acti

overflow | Buffer | Setup | BBS | MSN |

Buffer overflow in MSN Setup BBS 4.71.0.10 ActiveX control (setupbbs.ocx) allows a remote attacker to execute arbitrary commands via the methods (1) vAddNewsServer or (2) bIsNewsServerConfigured.


Microsoft MSN Messenger allows remote attackers

information | references | Javascript | navigation | connected | sensitive | Microsoft | Messenger | attackers | possibly | certain | display | ActiveX | object | remote | obtain | allows | sites | names | more | user | site | such | use | MSN | web |

Microsoft MSN Messenger allows remote attackers to use Javascript that references an ActiveX object to obtain sensitive information such as display names and web site navigation, and possibly more when the user is connected to certain Microsoft sites (or DNS-spoofed sites).


MSN Messenger Service 3.6, and possibly other v

authentication | exchanging | Messenger | attackers | messages | versions | possibly | between | Service | clients | allows | remote | users | spoof | other | which | weak | uses | MSN |

MSN Messenger Service 3.6, and possibly other versions, uses weak authentication when exchanging messages between clients, which allows remote attackers to spoof messages from other users.


Buffer overflow in Microsoft MSN Messenger Serv

Microsoft | Messenger | attackers | overflow | through | Service | Buffer | denial | remote | allows | cause | MSN |

Buffer overflow in Microsoft MSN Messenger Service 1.0 through 4.6 allows remote attackers to cause a denial of service (crash) via a long FN (font) argument in the message header.


Microsoft MSN Messenger Service 1.0 through 4.6

Messenger | attackers | Microsoft | through | Service | denial | remote | allows | cause | MSN |

Microsoft MSN Messenger Service 1.0 through 4.6 allows remote attackers to cause a denial of service (crash) via an invite request that contains hex-encoded spaces (%20) in the Invitation-Cookie field.


SQL injection vulnerability in getmember.asp in

vulnerability | getmemberasp | arbitrary | injection | attackers | commands | variable | VieBoard | execute | allows | remote | Beta | SQL | msn | via |

SQL injection vulnerability in getmember.asp in VieBoard 2.6 Beta 1 allows remote attackers to execute arbitrary SQL commands via the msn variable.


Buffer overflow in the Extract Info Field Funct

overflow | Function | Extract | Buffer | Field | Info |

Buffer overflow in the Extract Info Field Function for (1) MSN and (2) YMSG protocol handlers in Gaim 0.74 and earlier, and Ultramagnetic before 0.81, allows remote attackers to cause a denial of service and possibly execute arbitrary code.


Buffer overflow in the MSN protocol plugins (1)

protocol | overflow | plugins | Buffer | MSN |

Buffer overflow in the MSN protocol plugins (1) object.c and (2) slp.c for Gaim before 0.82 allows remote attackers to cause a denial of service and possibly execute arbitrary code via MSNSLP protocol messages that are not properly handled in a strncpy call.


Buffer overflow in the MSN protocol handler for

protocol | overflow | handler | Buffer | gaim | MSN |

Buffer overflow in the MSN protocol handler for gaim 0.79 to 1.0.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an "unexpected sequence of MSNSLP messages" that results in an unbounded copy operation that writes to the wrong buffer.


Heap-based buffer overflow in the Hrtbeat.ocx (

Hrtbeatocx | Heap-based | overflow | buffer |

Heap-based buffer overflow in the Hrtbeat.ocx (Heartbeat) ActiveX control for Internet Explorer 5.01 through 6, when users who visit online gaming sites that are associated with MSN, allows remote attackers to execute arbitrary code via the SetupData parameter.


Buffer overflow in the MSN module in Trillian 0

arbitrary | character | Trillian | overflow | servers | execute | newline | module | string | Buffer | remote | allows | ends | long | 074i | code | MSN | via |

Buffer overflow in the MSN module in Trillian 0.74i allows remote MSN servers to execute arbitrary code via a long string that ends in a newline character.


Cross-site scripting (XSS) vulnerability in use

Cross-site | scripting |

Cross-site scripting (XSS) vulnerability in user.php in e107 allows remote attackers to inject arbitrary web script or HTML via the (1) URL, (2) MSN, or (3) AIM fields.


GIF file validation error in MSN Messenger 6.2

validation | arbitrary | Messenger | attackers | improper | contact | execute | height | user's | allows | remote | error | image | width | file | code | list | GIF | via | MSN |

GIF file validation error in MSN Messenger 6.2 allows remote attackers in a user's contact list to execute arbitrary code via a GIF image with an improper height and width.


Multiple buffer overflows in the (1) AIM, (2) M

overflows | Multiple | buffer |

Multiple buffer overflows in the (1) AIM, (2) MSN, (3) RSS, and other plug-ins for Trillian 2.0 allow remote web servers to cause a denial of service (application crash) via a long string in an HTTP 1.1 response header.


Gaim 1.2.1 and earlier allows remote attackers

Gaim |

Gaim 1.2.1 and earlier allows remote attackers to cause a denial of service (application crash) via a malformed MSN message.


Gaim before 1.3.1 allows remote attackers to ca

before | Gaim |

Gaim before 1.3.1 allows remote attackers to cause a denial of service (crash) via a malformed MSN message that leads to a memory allocation of a large size, possibly due to an integer signedness error.


Microsoft MSN Messenger allows remote attackers

conversation | interpreted | containing | Messenger | plaintext | extension | malicious | Microsoft | attackers | message | service | causes | remote | allows | string | denial | kicked | group | users | "pif" | cause | which | file | via | MSN |

Microsoft MSN Messenger allows remote attackers to cause a denial of service via a plaintext message containing the ".pif" string, which is interpreted as a malicious file extension and causes users to be kicked from a group conversation. NOTE: it has been reported that Gaim is also affected, so this may be an issue in the protocol or MSN servers.


Microsoft MSN Messenger 9.0 and Internet Explor

Messenger | attackers | Microsoft | Explorer | Internet | service | denial | allows | remote | cause | MSN |

Microsoft MSN Messenger 9.0 and Internet Explorer 6.0 allows remote attackers to cause a denial of service (crash) via an image with an ICC Profile with a large Tag Count.


Format string vulnerability in ui.c in Textbase

vulnerability | Textbased | Client | string | Format | MSN | uic |

Format string vulnerability in ui.c in Textbased MSN Client (TMSNC) before 0.2.5 allows attackers to cause a denial of service and possibly execute arbitrary code via unknown attack vectors that cause format strings to be injected into the wprintw function.


Microsoft MSN Messenger 4.7 on Windows XP allow

Messenger | attackers | Microsoft | Windows | service | denial | allows | remote | cause | MSN |

Microsoft MSN Messenger 4.7 on Windows XP allows remote attackers to cause a denial of service (resource consumption) via a flood of SIP INVITE requests to the port specified for voice conversation.


Software vulnerabilities results 1 to 20 of 35     
Page: 12