MS07-054: Vulnerability in MSN Messenger and Windows Live Messenger Could Allow Remote Code Execution (942099)
High Nessus Plugin ID 26019
SynopsisArbitrary code can be executed on the remote host through Messenger service.
DescriptionThe remote host is running MSN Messenger or Windows Live Messenger.
The version of Messenger used on the remote host is vulnerable to a remote buffer overflow in the way it handles webcam and video chat sessions. An attacker may exploit this vulnerability to execute arbitrary code on the remote host.
SolutionMicrosoft has released a set of patches for MSN Messenger 6.2, 7.0, 7.5 and 8.0.