CVE-2007-5144 - Vulnerability Details - OpenCVE

Buffer overflow in the GDI engine in Windows Live Messenger, as used for Windows MSN Live 8.1, allows user-assisted remote attackers to cause a denial of service (application crash or system crash) and possibly execute arbitrary code by placing a malformed file in a new folder under the Sharing Folders path, and triggering a synchronize operation through the Windows MSN Live online service, possibly related to extended file attributes and possibly related to an incomplete fix for MS07-046, as demonstrated by a (1) .jpg, (2) .gif, (3) .wmf, (4) .doc, or (5) .ico file.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Microsoft	Windows Live Messenger

Configuration 1 [-]

cpe:2.3:a:microsoft:windows_live_messenger:8.1:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://lostmon.blogspot.com/2007/09/windows-live-messenger-jpg-overflow.html
http://osvdb.org/45523
http://www.securityfocus.com/bid/25795

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2007-10-01T00:00:00

Updated: 2024-08-07T15:24:40.948Z

Reserved: 2007-09-30T00:00:00

Link: CVE-2007-5144

Vulnrichment

No data.

NVD

Status : Modified

Published: 2007-10-01T05:17:00.000

Modified: 2024-11-21T00:37:14.317

Link: CVE-2007-5144

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2007-09-22T00:00:00", "descriptions": [{"lang": "en", "value": "Buffer overflow in the GDI engine in Windows Live Messenger, as used for Windows MSN Live 8.1, allows user-assisted remote attackers to cause a denial of service (application crash or system crash) and possibly execute arbitrary code by placing a malformed file in a new folder under the Sharing Folders path, and triggering a synchronize operation through the Windows MSN Live online service, possibly related to extended file attributes and possibly related to an incomplete fix for MS07-046, as demonstrated by a (1) .jpg, (2) .gif, (3) .wmf, (4) .doc, or (5) .ico file."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2008-11-15T10:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "45523", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/45523"}, {"tags": ["x_refsource_MISC"], "url": "http://lostmon.blogspot.com/2007/09/windows-live-messenger-jpg-overflow.html"}, {"name": "25795", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/25795"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2007-5144", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Buffer overflow in the GDI engine in Windows Live Messenger, as used for Windows MSN Live 8.1, allows user-assisted remote attackers to cause a denial of service (application crash or system crash) and possibly execute arbitrary code by placing a malformed file in a new folder under the Sharing Folders path, and triggering a synchronize operation through the Windows MSN Live online service, possibly related to extended file attributes and possibly related to an incomplete fix for MS07-046, as demonstrated by a (1) .jpg, (2) .gif, (3) .wmf, (4) .doc, or (5) .ico file."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "45523", "refsource": "OSVDB", "url": "http://osvdb.org/45523"}, {"name": "http://lostmon.blogspot.com/2007/09/windows-live-messenger-jpg-overflow.html", "refsource": "MISC", "url": "http://lostmon.blogspot.com/2007/09/windows-live-messenger-jpg-overflow.html"}, {"name": "25795", "refsource": "BID", "url": "http://www.securityfocus.com/bid/25795"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T15:24:40.948Z"}, "title": "CVE Program Container", "references": [{"name": "45523", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://osvdb.org/45523"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://lostmon.blogspot.com/2007/09/windows-live-messenger-jpg-overflow.html"}, {"name": "25795", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/25795"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2007-5144", "datePublished": "2007-10-01T00:00:00", "dateReserved": "2007-09-30T00:00:00", "dateUpdated": "2024-08-07T15:24:40.948Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:microsoft:windows_live_messenger:8.1:*:*:*:*:*:*:*", "matchCriteriaId": "2748131C-69BF-41B6-B98D-006BA6CFB0D6", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Buffer overflow in the GDI engine in Windows Live Messenger, as used for Windows MSN Live 8.1, allows user-assisted remote attackers to cause a denial of service (application crash or system crash) and possibly execute arbitrary code by placing a malformed file in a new folder under the Sharing Folders path, and triggering a synchronize operation through the Windows MSN Live online service, possibly related to extended file attributes and possibly related to an incomplete fix for MS07-046, as demonstrated by a (1) .jpg, (2) .gif, (3) .wmf, (4) .doc, or (5) .ico file."}, {"lang": "es", "value": "Desbordamiento de b\u00fafer en el motor GDI de Windows Live Messenger, tal y como se utiliza en MSN Live 8.1, permite a atacantes remotos con la complicidad del usuario provocar una denegaci\u00f3n de servicio (ca\u00edda de aplicaci\u00f3n o ca\u00edda del sistema) y posiblemente ejecutar c\u00f3digo de su elecci\u00f3n al situar un fichero malformado en una carpeta nueva bajo la ruta Carpetas Compartidas, y disparando una operaci\u00f3n de sincronizaci\u00f3n a trav\u00e9s del servicio en l\u00ednea Windows MSN Live, posiblemente relativo a atributos de fichero extendidos y posiblemente relativo a un parche incompleto para MS07-046, como se demuestra con un fichero (1) .jpg, (2) .gif, (3) .wmf, (4) .doc, \u00f3 (5) .ico."}], "id": "CVE-2007-5144", "lastModified": "2024-11-21T00:37:14.317", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}]}, "published": "2007-10-01T05:17:00.000", "references": [{"source": "cve@mitre.org", "url": "http://lostmon.blogspot.com/2007/09/windows-live-messenger-jpg-overflow.html"}, {"source": "cve@mitre.org", "url": "http://osvdb.org/45523"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/25795"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lostmon.blogspot.com/2007/09/windows-live-messenger-jpg-overflow.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://osvdb.org/45523"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/25795"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}], "source": "nvd@nist.gov", "type": "Primary"}]}