Vulnerability Details CVE-2008-5828
Microsoft Windows Live Messenger Client 8.5.1 and earlier, when MSN Protocol Version 15 (MSNP15) is used over a NAT session, allows remote attackers to discover intranet IP addresses and port numbers by reading the (1) IPv4InternalAddrsAndPorts, (2) IPv4Internal-Addrs, and (3) IPv4Internal-Port header fields.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.179
EPSS Ranking 94.8%
CVSS Severity
CVSS v2 Score 5.0
References
Products affected by CVE-2008-5828
-
cpe:2.3:a:microsoft:windows_live_messenger:-
-
cpe:2.3:a:microsoft:windows_live_messenger:8.0
-
cpe:2.3:a:microsoft:windows_live_messenger:8.1
-
cpe:2.3:a:microsoft:windows_live_messenger:8.5
-
cpe:2.3:a:microsoft:windows_live_messenger:8.5.1