Executive Summary

Title MSN Messenger and Windows Live Messenger webcam stream heap overflow
Name VU#166521 First vendor Publication 2007-08-28
Vendor VU-CERT Last vendor Modification 2007-09-13
Severity (Vendor) N/A Revision M

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C)
Cvss Base Score 9.3 Attack Range Network
Cvss Impact Score 10 Attack Complexity Medium
Cvss Expoit Score 8.6 Authentication None Required
Calculate full CVSS 2.0 Vectors scores


Vulnerability Note VU#166521

MSN Messenger and Windows Live Messenger webcam stream heap overflow


MSN Messenger fails to properly handle webcam streams, which may allow a remote attacker to execute arbitrary code.

I. Description

MSN Messenger is an instant messaging application. Starting with version 8, MSN Messenger was renamed to Windows Live Messenger. Windows Live Messenger and some versions of MSN Messenger support the use of webcams. MSN Messenger and Windows Live Messenger appear to require user interaction to connect a webcam stream.

MSN Messenger and Windows Live Messenger contain a heap overflow in the handling of a malformed webcam streams. Exploit code for this vulnerability is publicly available.

II. Impact

By convincing a user to accept a webcam invitation, a remote attacker may be able to execute arbitrary code with the privileges of the user.

III. Solution

Apply an update

This issue is addressed by Microsoft Security Bulletin MS07-054. This update provides fixed versions of MSN Messenger 6.2, 7.0, 7.5, and Windows Live Messenger 8.0

Do not accept webcam invitations

If you are unable to install a fixed version, do not accept any webcam invitations, regardless of the source.

Systems Affected

VendorStatusDate Updated
Microsoft CorporationVulnerable28-Aug-2007




This vulnerability was publicly reported by team509.

This document was written by Will Dormann.

Other Information

Date Public01/31/2007
Date First Published08/28/2007 08:54:13 AM
Date Last Updated09/13/2007
CERT Advisory 
CVE NameCVE-2007-2931
Document Revision8

Original Source

Url : http://www.kb.cert.org/vuls/id/166521

CWE : Common Weakness Enumeration

% Id Name
50 % CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
50 % CWE-20 Improper Input Validation

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:2063
Oval ID: oval:org.mitre.oval:def:2063
Title: Vulnerability in MSN Messenger and Windows Live Messenger Could Allow Remote Code Execution
Description: Heap-based buffer overflow in Microsoft MSN Messenger 6.2, 7.0, and 7.5, and Live Messenger 8.0 allows user-assisted remote attackers to execute arbitrary code via unspecified vectors involving video conversation handling in Web Cam and video chat sessions.
Family: windows Class: vulnerability
Reference(s): CVE-2007-2931
Version: 3
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Product(s): MSN Messenger
Definition Synopsis:

CPE : Common Platform Enumeration

Application 3
Application 1

Open Source Vulnerability Database (OSVDB)

Id Description
40126 MSN Messenger Video Conversation Handling Remote Overflow

Snort® IPS/IDS

Date Description
2014-01-10 Microsoft MSN Messenger and Windows Live Messenger Code Execution attempt
RuleID : 20554 - Revision : 10 - Type : PUA-OTHER
2014-01-10 Microsoft MSN Messenger and Windows Live Messenger Code Execution attempt
RuleID : 17551 - Revision : 11 - Type : PUA-OTHER

Nessus® Vulnerability Scanner

Date Description
2007-09-11 Name : Arbitrary code can be executed on the remote host through Messenger service.
File : smb_nt_ms07-054.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
Date Informations
2016-04-26 18:25:47
  • Multiple Updates
2015-05-08 13:27:59
  • Multiple Updates