Filtered by vendor Microsoft Subscriptions
Filtered by product Windows Messenger Subscriptions
Total 2 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2004-0597 3 Greg Roelofs, Microsoft, Redhat 7 Libpng, Msn Messenger, Windows 98se and 4 more 2024-08-08 N/A
Multiple buffer overflows in libpng 1.2.5 and earlier, as used in multiple products, allow remote attackers to execute arbitrary code via malformed PNG images in which (1) the png_handle_tRNS function does not properly validate the length of transparency chunk (tRNS) data, or the (2) png_handle_sBIT or (3) png_handle_hIST functions do not perform sufficient bounds checking.
CVE-2008-0082 1 Microsoft 1 Windows Messenger 2024-08-07 N/A
An ActiveX control (Messenger.UIAutomation.1) in Windows Messenger 4.7 and 5.1 is marked as safe-for-scripting, which allows remote attackers to control the Messenger application, and "change state," obtain contact information, and establish audio or video connections without notification via unknown vectors.