Amsn
by Amsn
CVEs (5)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2006-0138 | 0.04 | — | 0.06 | Jan 9, 2006 | aMSN (aka Alvaro's Messenger) allows remote attackers to cause a denial of service (client hang and termination of client's instant-messaging session) by repeatedly sending crafted data to the default file-transfer port (TCP 6891). | |||
| CVE-2007-2195 | 0.03 | — | 0.03 | Apr 24, 2007 | aMSN (aka Alvaro's Messenger) 0.96 and earlier allows remote attackers to cause a denial of service (application crash) by sending invalid data to TCP port 31337. | |||
| CVE-2008-7255 | 0.00 | — | 0.00 | Apr 20, 2010 | login_screen.tcl in aMSN (aka Alvaro's Messenger) before 0.97.1 saves a password after logout, which allows physically proximate attackers to hijack a session by visiting an unattended workstation. | |||
| CVE-2010-0744 | 0.00 | — | 0.01 | Apr 20, 2010 | aMSN (aka Alvaro's Messenger) 0.98.3 and earlier, when SSL is used, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) field or a Subject Alternative Name field of the X.509 certificate, which allows man-in-the-middle attackers to… | |||
| CVE-2004-2454 | 0.00 | — | 0.00 | Dec 31, 2004 | aMSN 0.90 for Microsoft Windows allows local users to obtain sensitive information such as hashed passwords from (1) hotlog.htm and (2) config.xml. |
- CVE-2006-0138Jan 9, 2006risk 0.04cvss —epss 0.06
aMSN (aka Alvaro's Messenger) allows remote attackers to cause a denial of service (client hang and termination of client's instant-messaging session) by repeatedly sending crafted data to the default file-transfer port (TCP 6891).
- CVE-2007-2195Apr 24, 2007risk 0.03cvss —epss 0.03
aMSN (aka Alvaro's Messenger) 0.96 and earlier allows remote attackers to cause a denial of service (application crash) by sending invalid data to TCP port 31337.
- CVE-2008-7255Apr 20, 2010risk 0.00cvss —epss 0.00
login_screen.tcl in aMSN (aka Alvaro's Messenger) before 0.97.1 saves a password after logout, which allows physically proximate attackers to hijack a session by visiting an unattended workstation.
- CVE-2010-0744Apr 20, 2010risk 0.00cvss —epss 0.01
aMSN (aka Alvaro's Messenger) 0.98.3 and earlier, when SSL is used, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) field or a Subject Alternative Name field of the X.509 certificate, which allows man-in-the-middle attackers to…
- CVE-2004-2454Dec 31, 2004risk 0.00cvss —epss 0.00
aMSN 0.90 for Microsoft Windows allows local users to obtain sensitive information such as hashed passwords from (1) hotlog.htm and (2) config.xml.