Microsoft MSN Messenger Information Disclosure Vulnerability
BID:9828
Info
Microsoft MSN Messenger Information Disclosure Vulnerability
| Bugtraq ID: | 9828 |
| Class: | Design Error |
| CVE: |
CVE-2004-0122 |
| Remote: | Yes |
| Local: | No |
| Published: | Mar 09 2004 12:00AM |
| Updated: | Jul 12 2009 03:06AM |
| Credit: | Discovery is credited to qFox and Mephisto. |
| Vulnerable: |
Microsoft MSN Messenger Service 6.1 Microsoft MSN Messenger Service 6.0 |
| Not Vulnerable: | |
Discussion
Microsoft MSN Messenger Information Disclosure Vulnerability
Microsoft MSN Messenger is prone to an information disclosure vulnerability. When a malformed file transfer request is initiated by a remote user, they may be able to view the contents of files on the remote system.
Microsoft MSN Messenger is prone to an information disclosure vulnerability. When a malformed file transfer request is initiated by a remote user, they may be able to view the contents of files on the remote system.
Exploit / POC
Microsoft MSN Messenger Information Disclosure Vulnerability
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Solution / Fix
Microsoft MSN Messenger Information Disclosure Vulnerability
Solution:
An updated version of MSN Messenger is available for download at:
http://messenger.msn.com/
Solution:
An updated version of MSN Messenger is available for download at:
http://messenger.msn.com/
References
Microsoft MSN Messenger Information Disclosure Vulnerability
References:
References:
- Microsoft Security Bulletin MS04-010 (Microsoft)