Exploit Database - Logo

Microsoft MSN Messenger 7.x (8.0?) - Video Remote Heap Overflow

EDB-ID: 4334 Author: wushi Published: 2007-08-29
CVE: CVE-2007-2931 Type: Remote Platform: Windows
E-DB Verified: Verified Exploit: Download Exploit Code Download / View Raw Vulnerable App: Download Vulnerable Application
« Previous Exploit Next Exploit » 
MSN messenger 7.x (8.0?) VIDEO Remote Heap Overflow Exploit

thanks ole andre again, His ospy is perfect.

1.compile the dll.
2.inject the dll to msn messenger 7.0.777.0 's process.
3. choose "send my webcam" to a contact id who is online using 7.x (8.0?).
4.when the otherside accept the invatation , the otherside's msn will be at least crashed, if you using aChinese version windows 2000 sp4 , maybe a reverse shell , if other verison windows 2000, you need adjust the jmpa address in the dll's sourcecode. 

https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/4334.rar (08292007-exp_msn.rar)

# milw0rm.com [2007-08-29]

Related Exploits

Trying to match CVEs (1): CVE-2007-2931
Trying to match setup file: 2a7a596ea906c78b354e7ff764d18339
Other Possible E-DB Search Terms: Microsoft MSN Messenger 7.x (8.0?),  Microsoft MSN Messenger 7.x,  Microsoft MSN Messenger
Date D V Title Author
2002-05-24Download Exploit Code Verified Microsoft MSN Messenger 1 < 4 - Malformed Invite Request Denial of ServiceBeck Mr.R
2005-02-08Download Exploit Code Verified Microsoft MSN Messenger 6.2.0137 - '.png' Buffer OverflowATmaCA
2007-08-28Download Exploit Code Verified Microsoft MSN Messenger 8.0 - Video Conversation Buffer Overflowwushi
1999-09-27Download Exploit Code Verified Microsoft MSN Messenger Service 1.0 Setup BBS - ActiveX Control Buffer OverflowShane Hird
Menu