Microsoft: >> Windows Messenger >> 4.7 Security Vulnerabilities
An ActiveX control (Messenger.UIAutomation.1) in Windows Messenger 4.7 and 5.1 is marked as safe-for-scripting, which allows remote attackers to control the Messenger application, and "change state," obtain contact information, and establish audio or video connections without notification via unknown vectors.
CVSS Score
10.0
EPSS Score
0.628
Published
2008-08-13