Description
Heap-based buffer overflow in Windows Live Messenger 8.0 allows user-assisted attackers to execute arbitrary code via a crafted Contact List (.ctt) file, which triggers the overflow when it is imported by the user.
Affected products
- Microsoft / windows_live_messenger8.0 – 8.0
References
- MISChttp://www.jaascois.com/exploits/18602016/
- MISChttp://www.securityfocus.com/archive/1/438442/100/0/threaded
- MISChttp://securitydot.net/xpl/exploits/vulnerabilities/articles/1108/exploit.html
- MISChttp://securitytracker.com/id?1016373
- MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/27417
- MISChttp://www.securityfocus.com/bid/18639