Windows Live Messenger Charset Data Remote Denial Of Service Vulnerability
Data de publicação: 21 julho 2015
Schweregrad: : Medium
Identificador(es) CVE: : CVE-2009-0647
Data do informe: 21 julho 2015
Descrição
msnmsgr.exe in Windows Live Messenger (WLM) 2009 build 14.0.8064.206, and other 14.0.8064.x builds, allows remote attackers to cause a denial of service (application crash) via a modified header in a packet, as possibly demonstrated by a UTF-8.0 value of the charset field in the Content-Type header line. NOTE: this has been reported as a format string vulnerability by some sources, but the provenance of that information is unknown.
Exposição das informações
Apply associated Trend Micro DPI Rules.
Solução
Trend Micro Deep Security DPI Rule Number: 1003735
Trend Micro Deep Security DPI Rule Name: 1003735 - Windows Live Messenger Charset Data Remote Denial Of Service Vulnerability
Software infectado e versão:
- microsoft windows_live_messenger 2009