Intrusion Prevention

Indiatimes.Messenger.Group.Name.Buffer.Overflow

Description

Indiatimes Messenger has a buffer overflow vulnerability. A remote attacker could cause the application to crash or execute arbitrary code on the victim system, by crafting a malformed web page with a long group name argument to the RenameGroup function in the MMClient.MunduMessenger.1 ActiveX object.

Affected Products

Indiatimes Messenger 6.0

Impact

Gain Access.

Recommended Actions

Currently we are not aware of any vendor-supplied patches for this issue.
http://messenger.indiatimes.com/

CVE References

CVE-2005-2844