CVE-2007-2931

Microsoft MSN Messenger <7.5 - Buffer Overflow

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 2 public exploits for CVE-2007-2931. PoCs published by wushi.

AI-analyzed exploit summary This exploit targets a heap overflow vulnerability in MSN Messenger 7.x (possibly 8.0) via video invitation. It requires DLL injection into the process and can cause a crash or potentially execute a reverse shell on Windows 2000 SP4 (Chinese version).

Description

Heap-based buffer overflow in Microsoft MSN Messenger 6.2, 7.0, and 7.5, and Live Messenger 8.0 allows user-assisted remote attackers to execute arbitrary code via unspecified vectors involving video conversation handling in Web Cam and video chat sessions.

Exploits (2)

exploitdb WORKING POC VERIFIED
by wushi · textremotewindows
https://www.exploit-db.com/exploits/4334

This exploit targets a heap overflow vulnerability in MSN Messenger 7.x (possibly 8.0) via video invitation. It requires DLL injection into the process and can cause a crash or potentially execute a reverse shell on Windows 2000 SP4 (Chinese version).

Classification
Working Poc 80%
Attack Type
Rce
Complexity
Moderate
Reliability
Racy
Target: MSN Messenger 7.x (possibly 8.0)
Auth required
Prerequisites: DLL injection into MSN Messenger process · Target must accept video invitation · Specific Windows 2000 SP4 (Chinese version) for RCE
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WRITEUP VERIFIED
by wushi · textremotewindows
https://www.exploit-db.com/exploits/30537

The provided text describes a buffer overflow vulnerability in Microsoft MSN Messenger, but no actual exploit code is included. It references a binary exploit available in a separate RAR file.

Classification
Writeup 90%
Attack Type
Rce
Complexity
Moderate
Reliability
Theoretical
Target: Microsoft MSN Messenger
No auth needed
Prerequisites: User interaction to open malicious file or link
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (11)

Core 11
Core References
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/26570
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/36314
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/25461
Vendor Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2007/2987
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id?1018622
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2063
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/40126
US Government Resource third-party-advisory x_refsource_cert
http://www.us-cert.gov/cas/techalerts/TA07-254A.html
US Government Resource third-party-advisory x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/166521

Scores

EPSS 0.5545
EPSS Percentile 98.9%

Details

CWE
CWE-119 CWE-20
Status published
Products (4)
microsoft/msn_messenger 6.2
microsoft/msn_messenger 7.0
microsoft/msn_messenger 7.5
microsoft/windows_live_messenger 8.0
Published Aug 31, 2007
Tracked Since Feb 18, 2026