Lucene search
MitreCVE-2002-0228HistoryMay 16, 2002 - 4:00 a.m.
CVE-2002-0228
2002-05-1604:00:00
mitre
web.nvd.nist.gov
26
microsoft
msn messenger
javascript
activex
sensitive info
remote attack
cve-2002-0228
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
AI Score
6.1
Confidence
Low
EPSS
0.008
Percentile
82.2%
Microsoft MSN Messenger allows remote attackers to use Javascript that references an ActiveX object to obtain sensitive information such as display names and web site navigation, and possibly more when the user is connected to certain Microsoft sites (or DNS-spoofed sites).
Affected configurations
Node
microsoftmsn_messengerMatch2.2
ORmicrosoftmsn_messengerMatch3.0
ORmicrosoftmsn_messengerMatch4.0
ORmicrosoftmsn_messengerMatch4.5
ORmicrosoftmsn_messengerMatch4.6
| Vendor | Product | Version | CPE |
|---|---|---|---|
| microsoft | msn_messenger | 2.2 | cpe:2.3:a:microsoft:msn_messenger:2.2:*:*:*:*:*:*:* |
| microsoft | msn_messenger | 3.0 | cpe:2.3:a:microsoft:msn_messenger:3.0:*:*:*:*:*:*:* |
| microsoft | msn_messenger | 4.0 | cpe:2.3:a:microsoft:msn_messenger:4.0:*:*:*:*:*:*:* |
| microsoft | msn_messenger | 4.5 | cpe:2.3:a:microsoft:msn_messenger:4.5:*:*:*:*:*:*:* |
| microsoft | msn_messenger | 4.6 | cpe:2.3:a:microsoft:msn_messenger:4.6:*:*:*:*:*:*:* |
Related
nvd
nvd
CVE-2002-0228
2002-05-16 04:00:00
cvelist
cvelist
CVE-2002-0228
2002-05-03 04:00:00
openvas
openvas
Windows Messenger is installed
2006-03-26 00:00:00
Microsoft Windows Messenger Multiple Vulnerabilities
2006-03-26 00:00:00
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
AI Score
6.1
Confidence
Low
EPSS
0.008
Percentile
82.2%
Related for CVE-2002-0228