{"vuid":"VU#166521","idnumber":"166521","name":"MSN Messenger and Windows Live Messenger webcam stream heap overflow","keywords":["MSN Messenger","Windows Live Messenger","ms07-054","ms07-sep"],"overview":"MSN Messenger fails to properly handle webcam streams, which may allow a remote attacker to execute arbitrary code.","clean_desc":"MSN Messenger is an instant messaging application. Starting with version 8, MSN Messenger was renamed to Windows Live Messenger. Windows Live Messenger and some versions of MSN Messenger support the use of webcams. MSN Messenger and Windows Live Messenger appear to require user interaction to connect a webcam stream. MSN Messenger and Windows Live Messenger contain a heap overflow in the handling of malformed webcam streams. Exploit code for this vulnerability is publicly available.","impact":"By convincing a user to accept a webcam invitation, a remote attacker may be able to execute arbitrary code with the privileges of the user.","resolution":"Apply an update\nThis issue is addressed by Microsoft Security Bulletin MS07-054.\nThis update provides fixed versions of MSN Messenger 6.2, 7.0, 7.5, and Windows Live Messenger 8.0.","workarounds":"Do not accept webcam invitations\nIf you are unable to install a fixed version, do not accept any webcam invitations, regardless of the source.","sysaffected":"","thanks":"This vulnerability was publicly reported by team509.","author":"This document was written by Will Dormann.","public":["http://secunia.com/advisories/26570/","http://www.microsoft.com/technet/security/bulletin/ms07-054.mspx"],"cveids":["CVE-2007-2931"],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2007-08-22T01:02:13Z","publicdate":"2007-01-31T00:00:00Z","datefirstpublished":"2007-08-28T12:54:10Z","dateupdated":"2007-09-13T14:20:57Z","revision":8,"vrda_d1_directreport":"1","vrda_d1_population":"4","vrda_d1_impact":"4","cam_widelyknown":"3","cam_exploitation":"0","cam_internetinfrastructure":"7","cam_population":"14","cam_impact":"15","cam_easeofexploitation":"6","cam_attackeraccessrequired":"15","cam_scorecurrent":"3.54375","cam_scorecurrentwidelyknown":"9.568125","cam_scorecurrentwidelyknownexploited":"16.655625","ipprotocol":"","cvss_accessvector":"","cvss_accesscomplexity":"","cvss_authentication":null,"cvss_confidentialityimpact":"","cvss_integrityimpact":"","cvss_availabilityimpact":"","cvss_exploitablity":null,"cvss_remediationlevel":"","cvss_reportconfidence":"","cvss_collateraldamagepotential":"","cvss_targetdistribution":"","cvss_securityrequirementscr":"","cvss_securityrequirementsir":"","cvss_securityrequirementsar":"","cvss_basescore":"","cvss_basevector":"","cvss_temporalscore":"","cvss_environmentalscore":"","cvss_environmentalvector":"","metric":3.54375,"vulnote":null}