Microsoft MSN Messenger and Windows Live Messenger Remote Code Execution Vulnerability (942099) (deprecated)

high Nessus Network Monitor Plugin ID 4211


Arbitrary code can be executed on the remote host through MSN or Windows Live Messenger.


The remote host is running MSN Messenger or Windows Live Messenger. The version of Messenger used on the remote host is vulnerable to a remote buffer overflow in the way it handles webcam and video chat sessions. An attacker may exploit this vulnerability to execute arbitrary code on the remote host.


Upgrade or patch according to vendor recommendations.

See Also

Plugin Details

Severity: High

ID: 4211

Published: 9/11/2007

Updated: 9/16/2018

Dependencies: 2599

Nessus ID: 26019

Risk Information

Risk Factor: High

CVSS v2.0

Base Score: 9.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Reference Information

CVE: CVE-2007-2931