TITLE: Microsoft MSN Messenger GIF Image Processing Vulnerability SECUNIA ADVISORY ID: SA14915
VERIFY ADVISORY: http://secunia.com/advisories/14915/ CRITICAL: Highly critical IMPACT: System access WHERE: >From remote SOFTWARE: Microsoft MSN Messenger 6.x http://secunia.com/product/1902/ DESCRIPTION: A vulnerability in MSN Messenger, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to an error within the processing of GIF images and can be exploited by sending a specially crafted emoticon or display picture to a user. Successful exploitation allows execution of arbitrary code with the privileges of the user running MSN Messenger, but requires that it is possible to send messages to the user (only possible for people in a user's contact list by default). The vulnerability affects versions 6.2 and 7.0 beta. SOLUTION: Apply patch. MSN Messenger 6.2: http://www.microsoft.com/downloads/details.aspx?FamilyId=12750556-D4D0-42D6-9F05-1FF3C799BB10 ORIGINAL ADVISORY: MS05-022 (KB896597): http://www.microsoft.com/technet/security/Bulletin/MS05-022.mspx ============= PCWorks Mailing List ================= Don't see your post? Check our posting guidelines & make sure you've followed proper posting procedures, http://pcworkers.com/rules.htm Contact list owner <[EMAIL PROTECTED]> Unsubscribing and other changes: http://pcworkers.com =====================================================
