Windows Live Messenger Charset Data Remote Denial Of Service Vulnerability
Publish Date: 21 Juli 2015
Schweregrad:: Mittel
CVE Kennungen:: CVE-2009-0647
Hinweisdatum: 21 Juli 2015
Beschreibung
msnmsgr.exe in Windows Live Messenger (WLM) 2009 build 14.0.8064.206, and other 14.0.8064.x builds, allows remote attackers to cause a denial of service (application crash) via a modified header in a packet, as possibly demonstrated by a UTF-8.0 value of the charset field in the Content-Type header line. NOTE: this has been reported as a format string vulnerability by some sources, but the provenance of that information is unknown.
Trend Micro Lösungen
Apply associated Trend Micro DPI Rules.
Lösungen
Trend Micro Deep Security DPI Rule Number: 1003735
Trend Micro Deep Security DPI Rule Name: 1003735 - Windows Live Messenger Charset Data Remote Denial Of Service Vulnerability
Betroffene Software und Version:
- microsoft windows_live_messenger 2009