CVE-2008-5828

CVE Database · CVE-2008-5828

CVE-2008-5828

· N/AModified

CVSS v3.1

N/A

EPSS

14.30%

Published

Jan 2, 2009

Modified

Apr 22, 2026

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Microsoft Windows Live Messenger Client 8.5.1 and earlier, when MSN Protocol Version 15 (MSNP15) is used over a NAT session, allows remote attackers to discover intranet IP addresses and port numbers by reading the (1) IPv4InternalAddrsAndPorts, (2) IPv4Internal-Addrs, and (3) IPv4Internal-Port header fields.

Weaknesses (CWE)

CWE-200

Affected Products (4)

microsoft · windows_live_messengervulnerable

References (4)

http://securityreason.com/securityalert/4862

http://www.securityfocus.com/archive/1/499624/100/0/threaded

http://securityreason.com/securityalert/4862

http://www.securityfocus.com/archive/1/499624/100/0/threaded

KEV Catalog EPSS Scores Vendors All CVEs