CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2005-2225

Microsoft MSN Messenger allows remote attackers to cause a denial of service via a plaintext message containing the ".pif" string, which is interpreted as a malicious file extension and causes users to be kicked from a group conversation. NOTE: it has been reported that Gaim is also affected, so this may be an issue in the protocol or MSN servers.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.097

EPSS Ranking 92.5%

CVSS Severity

CVSS v2 Score 5.0

References

http://securitytracker.com/id?1014444
http://www.digitalparadox.org/viewadvisories.ah?view=45
http://www.messenger-blog.com/?p=146
http://securitytracker.com/id?1014444
http://www.digitalparadox.org/viewadvisories.ah?view=45
http://www.messenger-blog.com/?p=146

Products affected by CVE-2005-2225

Microsoft » Msn Messenger Service » Version: N/A

cpe:2.3:a:microsoft:msn_messenger_service:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2005-2225

Products

Pricing

Contact Us