[NT] Microsoft Windows Messenger Illegal Access Vulnerability (MS08-050)



The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com



Microsoft Windows Messenger Illegal Access Vulnerability (MS08-050)
------------------------------------------------------------------------


SUMMARY

A remote illegal access vulnerability exists in Microsoft Windows Live
Messenger. An attacker can construct a malicious web page that, once the
victim visits it, lets the attacker control the local Live Messenger,
including disclosing sensitive personal information held by Live
Messenger, transferring local audio and video to a remote party, and so
on.

DETAILS

Affected Software Versions:
* Microsoft Windows Live Messenger 4.7 on Windows XP and Windows Server
2003
* Microsoft Windows Live Messenger 5.1 on Windows 2000, Windows XP and
Windows Server 2003

When Windows XP is installed, an old edition of MSN Messenger is installed
automatically. The old edition exposes the MSN API to developers as an
ActiveX control and marks it as "safe".

By using this ActiveX control, we can control the local MSN Messenger, for
instance: change the state, obtain the current login ID, steal contacts'
information, send mail in the victim's name, and so on. All of the
functions exposed this way can be considered security problems.

Even if the user installs a later edition of MSN Messenger (Windows Live
Messenger), this ActiveX control is not removed. By using it we are still
able to access the local Live Messenger.
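
An added example, not part of the original advisory: a defender's audit that parses a registry export and lists COM classes registered as safe for scripting that have no Internet Explorer kill bit. The sample export and its CLSIDs are constructed placeholders (the advisory does not give the control's CLSID); the category ID and the 0x400 kill-bit flag are the standard Windows values.

```python
import re

# Well-known category ID that marks a COM class as "safe for scripting".
CATID_SAFE_FOR_SCRIPTING = "{7DD95801-9882-11CF-9FA8-00AA00686F13}"
KILL_BIT = 0x400  # "Compatibility Flags" bit that stops IE loading a control

# Constructed sample in .reg export format; CLSIDs and names are placeholders.
SAMPLE_EXPORT = r'''
Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\CLSID\{AAAAAAAA-0000-0000-0000-000000000001}]
@="Legacy messenger control (placeholder)"
[HKEY_CLASSES_ROOT\CLSID\{AAAAAAAA-0000-0000-0000-000000000001}\Implemented Categories\{7DD95801-9882-11CF-9FA8-00AA00686F13}]

[HKEY_CLASSES_ROOT\CLSID\{AAAAAAAA-0000-0000-0000-000000000002}\Implemented Categories\{7dd95801-9882-11cf-9fa8-00aa00686f13}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{AAAAAAAA-0000-0000-0000-000000000002}]
"Compatibility Flags"=dword:00000400

[HKEY_CLASSES_ROOT\CLSID\{AAAAAAAA-0000-0000-0000-000000000003}]
@="Not marked safe (placeholder)"
'''

GUID = r"\{[0-9A-Fa-f-]{36}\}"
SAFE_RE = re.compile(r"\\CLSID\\(%s)\\Implemented Categories\\(%s)$" % (GUID, GUID), re.I)
COMPAT_RE = re.compile(r"\\Internet Explorer\\ActiveX Compatibility\\(%s)$" % GUID, re.I)
FLAGS_RE = re.compile(r'^"Compatibility Flags"=dword:([0-9a-f]{8})$', re.I)

def scriptable_without_kill_bit(export_text):
    """Return sorted CLSIDs marked safe for scripting whose kill bit is not set."""
    safe, killed, compat_clsid = set(), set(), None
    for line in export_text.splitlines():
        line = line.strip()
        if line.startswith("[") and line.endswith("]"):
            key, compat_clsid = line[1:-1], None
            m = SAFE_RE.search(key)
            if m and m.group(2).upper() == CATID_SAFE_FOR_SCRIPTING:
                safe.add(m.group(1).upper())
            m = COMPAT_RE.search(key)
            if m:  # values that follow belong to this control's compat key
                compat_clsid = m.group(1).upper()
        elif compat_clsid:
            m = FLAGS_RE.match(line)
            if m and int(m.group(1), 16) & KILL_BIT:
                killed.add(compat_clsid)
    return sorted(safe - killed)
```

Controls can also declare themselves safe at run time through the IObjectSafety interface, which a registry audit like this does not see.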

Solution:
Microsoft has released an advisory for this vulnerability which can be
found at:
http://www.microsoft.com/technet/security/bulletin/ms08-050.mspx

CVE Information:
CVE-2008-0082
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0082

Disclosure Timeline:
2007.05.31 - Vendor notified
2007.05.31 - Vendor responded
2008.XX.XX - Advisory delayed by the vendor many times
2008.08.12 - Coordinated public disclosure


ADDITIONAL INFORMATION

The information has been provided by cocoruder <cocoruder@xxxxxxxxx>.
The original article can be found at:
http://ruder.cdut.net/blogview.asp?logID=270


