MS05-022: Vulnerability in MSN Messenger Could Lead to Remote Code Execution (896597)
High Nessus Plugin ID 18025
SynopsisArbitrary code can be executed on the remote host through Messenger service.
DescriptionThe remote host is running MSN Messenger.
The version of MSN Messenger used on the remote host is vulnerable to a remote buffer overflow in the way it handles GIF files (with height and width fields).
An attacker may exploit this vulnerability to execute arbitrary code on the remote host.
SolutionMicrosoft has released a set of patches for MSN Messenger 6.2.