CVE-2009-0647
Last modified
CVE-2009-0647 is a vulnerability of currently unknown severity. msnmsgr.exe in Windows Live Messenger (WLM) 2009 build 14.0.8064.206, and other 14.0.8064.x builds, allows remote attackers to cause a denial of service (application crash) via a modified header in a packet, as possibly demonstrated by a UTF-8.0 value of the charset field in the Content-Type header line. NOTE: this has been reported as a format string vulnerability by some sources, but the provenance of that information is unknown.. EPSS estimates a 17.36% chance of exploitation in the next 30 days.
Description
msnmsgr.exe in Windows Live Messenger (WLM) 2009 build 14.0.8064.206, and other 14.0.8064.x builds, allows remote attackers to cause a denial of service (application crash) via a modified header in a packet, as possibly demonstrated by a UTF-8.0 value of the charset field in the Content-Type header line. NOTE: this has been reported as a format string vulnerability by some sources, but the provenance of that information is unknown.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Windows Live Messenger | 2009 |
References
- http://secunia.com/advisories/33985Vendor Advisory
- http://www.vupen.com/english/advisories/2009/0466Vendor Advisory
- http://secunia.com/advisories/33985Vendor Advisory
- http://www.vupen.com/english/advisories/2009/0466Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2009-0647?
How severe is CVE-2009-0647?
How do I fix CVE-2009-0647?
Are you affected by CVE-2009-0647?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST