CVE-2008-0082

EUVD-2008-0095
An ActiveX control (Messenger.UIAutomation.1) in Windows Messenger 4.7 and 5.1 is marked as safe-for-scripting, which allows remote attackers to control the Messenger application, and "change state," obtain contact information, and establish audio or video connections without notification via unknown vectors.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
10 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:C/I:C/A:C
Base Score
CVSS 3.x
EPSS Score
Percentile: 98%
Affected Products (NVD)
VendorProductVersion
microsoftwindows_messenger
4.7
microsoftwindows_messenger
5.1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://marc.info/?l=bugtraq&m=121915960406986&w=2
http://secunia.com/advisories/31446
http://www.securityfocus.com/archive/1/495467/100/0/threaded
http://www.securityfocus.com/bid/30551
http://www.securitytracker.com/id?1020681
http://www.us-cert.gov/cas/techalerts/TA08-225A.html
http://www.vupen.com/english/advisories/2008/2354
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-050
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5995
http://marc.info/?l=bugtraq&m=121915960406986&w=2
http://secunia.com/advisories/31446
http://www.securityfocus.com/archive/1/495467/100/0/threaded
http://www.securityfocus.com/bid/30551
http://www.securitytracker.com/id?1020681
http://www.us-cert.gov/cas/techalerts/TA08-225A.html
http://www.vupen.com/english/advisories/2008/2354
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-050
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5995