What is the severity of CVE-2007-5144?

CVE-2007-5144 has a medium severity rating due to its potential for causing application and system crashes.

How do I fix CVE-2007-5144?

To mitigate CVE-2007-5144, it is recommended to upgrade to a newer version of Windows Live Messenger, if available.

What types of attacks are possible with CVE-2007-5144?

CVE-2007-5144 allows for denial of service attacks and the potential execution of arbitrary code by exploiting a buffer overflow.

Which versions of software are affected by CVE-2007-5144?

CVE-2007-5144 specifically affects Microsoft Windows Live Messenger version 8.1.

Is user interaction required for exploiting CVE-2007-5144?

Yes, CVE-2007-5144 requires user-assisted actions to trigger the vulnerability, typically by opening a manipulated file.

Vulnerability/
CVE-2007-5144

medium

4.3

CWE

119

1/10/2007

7/8/2024

CVE-2007-5144: Buffer Overflow

First published: Mon Oct 01 2007(Updated: )

Buffer overflow in the GDI engine in Windows Live Messenger, as used for Windows MSN Live 8.1, allows user-assisted remote attackers to cause a denial of service (application crash or system crash) and possibly execute arbitrary code by placing a malformed file in a new folder under the Sharing Folders path, and triggering a synchronize operation through the Windows MSN Live online service, possibly related to extended file attributes and possibly related to an incomplete fix for MS07-046, as demonstrated by a (1) .jpg, (2) .gif, (3) .wmf, (4) .doc, or (5) .ico file.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Microsoft MSN Messenger	=8.1

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2007-5144?
CVE-2007-5144 has a medium severity rating due to its potential for causing application and system crashes.
How do I fix CVE-2007-5144?
To mitigate CVE-2007-5144, it is recommended to upgrade to a newer version of Windows Live Messenger, if available.
What types of attacks are possible with CVE-2007-5144?
CVE-2007-5144 allows for denial of service attacks and the potential execution of arbitrary code by exploiting a buffer overflow.
Which versions of software are affected by CVE-2007-5144?
CVE-2007-5144 specifically affects Microsoft Windows Live Messenger version 8.1.
Is user interaction required for exploiting CVE-2007-5144?
Yes, CVE-2007-5144 requires user-assisted actions to trigger the vulnerability, typically by opening a manipulated file.

agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/references
agent/last-modified-date
agent/weakness
agent/author
agent/severity
agent/description
agent/first-publish-date
agent/event
agent/source
agent/tags
collector/nvd-historical
agent/software-canonical-lookup-request
collector/nvd-index
vendor/microsoft
canonical/microsoft msn messenger
version/microsoft msn messenger/8.1

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.