← Back

Windows Messenger

windows_messenger

Vendor: Microsoft • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2008-0082
1Microsoft
1Windows Messenger
Apr 23, 2026
Aug 13, 2008
N/A· v4
N/A· v3
10.0 HIGH· v2
An ActiveX control (Messenger.UIAutomation.1) in Windows Messenger 4.7 and 5.1 is marked as safe-for-scripting, which allows remote attackers to control the Messenger application, and "change state," obtain contact infor...Show more
An ActiveX control (Messenger.UIAutomation.1) in Windows Messenger 4.7 and 5.1 is marked as safe-for-scripting, which allows remote attackers to control the Messenger application, and "change state," obtain contact information, and establish audio or video connections without notification via unknown vectors.Show less
CVE-2004-0597
2Greg Roelofs
Microsoft
6Libpng
Msn MessengerWindows 98se+3 more
Apr 16, 2026
Nov 23, 2004
N/A· v4
N/A· v3
10.0 HIGH· v2
Multiple buffer overflows in libpng 1.2.5 and earlier, as used in multiple products, allow remote attackers to execute arbitrary code via malformed PNG images in which (1) the png_handle_tRNS function does not properly v...Show more
Multiple buffer overflows in libpng 1.2.5 and earlier, as used in multiple products, allow remote attackers to execute arbitrary code via malformed PNG images in which (1) the png_handle_tRNS function does not properly validate the length of transparency chunk (tRNS) data, or the (2) png_handle_sBIT or (3) png_handle_hIST functions do not perform sufficient bounds checking.Show less