CVE-2008-5828 Information

Description

Microsoft Windows Live Messenger Client 8.5.1 and earlier when MSN Protocol Version 15 (MSNP15) is used over a NAT session allows remote attackers to discover intranet IP addresses and port numbers by reading the (1) IPv4InternalAddrsAndPorts (2) IPv4Internal-Addrs and (3) IPv4Internal-Port header fields.

Reference

http://securityreason.com/securityalert/4862 http://www.securityfocus.com/archive/1/499624/100/0/threaded