CVE-2006-6252Microsoft Windows Live Messenger vulnerability

3 documents3 sources
Severity
4.3MEDIUMNVD
EPSS
13.3%
top 5.82%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Microsoft Windows Live Messenger
Timeline
PublishedDec 4
Latest updateMay 1

Description

Microsoft Windows Live Messenger 8.0 and earlier, when gestual emoticons are enabled, allows remote attackers to cause a denial of service (CPU consumption) via a long string composed of ":D" sequences, which are interpreted as emoticons.

CVSS vector

AV:N/AC:M/C:N/I:N/A:PExploitability: 8.6 | Impact: 2.9

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-rwg8-hqq6-g2cq: Microsoft Windows Live Messenger 82022-05-01
CVEList
CVE-2006-6252: Microsoft Windows Live Messenger 82006-12-04
CVE-2006-6252 — Microsoft vulnerability | cvebase