CVE-2011-1243
Windows XP - Remote Code Execution via Messenger ActiveX Control
Title source: llmDescription
The Windows Messenger ActiveX control in msgsc.dll in Microsoft Windows XP SP2 and SP3 allows remote attackers to execute arbitrary code via unspecified vectors that "corrupt the system state," aka "Microsoft Windows Messenger ActiveX Control Vulnerability."
References (5)
Core 5
Core References
Third Party Advisory, VDB Entry vdb-entry
signature
x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12524
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/47197
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/71788
Vendor Advisory vendor-advisory
x_refsource_ms
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-027
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/44159
Scores
EPSS
0.2932
EPSS Percentile
98.0%
Details
CWE
CWE-119
Status
published
Products (1)
microsoft/windows_xp
(2 CPE variants)
Published
Apr 13, 2011
Tracked Since
Feb 18, 2026