MS05-022: Vulnerability in MSN Messenger Could Lead to Remote Code Execution (896597)

This script is Copyright (C) 2005-2015 Tenable Network Security, Inc.

Synopsis :

Arbitrary code can be executed on the remote host through Messenger

Description :

The remote host is running MSN Messenger.

The version of MSN Messenger used on the remote host is vulnerable to a
remote buffer overflow in the way it handles GIF files (with height and
width fields).

An attacker may exploit this vulnerability to execute arbitrary code on
the remote host.

See also :

Solution :

Microsoft has released a set of patches for MSN Messenger 6.2.

Risk factor :

High / CVSS Base Score : 9.3
CVSS Temporal Score : 6.9
Public Exploit Available : false

Family: Windows : Microsoft Bulletins

Nessus Plugin ID: 18025 ()

Bugtraq ID: 13114

CVE ID: CVE-2005-0562