Heap-based buffer overflow in Windows Live Messenger 8.0 allows user-assisted attackers to execute arbitrary code via a crafted Contact List (.ctt) file, which triggers the overflow when it is imported by the user.Referenceshttp://www.jaascois.com/exploits/18602016/http://www.securityfocus.com/archive/1/438442/100/0/threadedhttp://securitydot.net/xpl/exploits/vulnerabilities/articles/1108/exploit.htmlhttp://securitytracker.com/id?1016373https://exchange.xforce.ibmcloud.com/vulnerabilities/27417http://www.securityfocus.com/bid/18639
