Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-0228


Vulnerability Score 5.0 5.0
CVE Id CVE-2002-0228
Last Modified 10 Sep 2008 08:00:44
Published 16 May 2002 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



Microsoft MSN Messenger allows remote attackers to use Javascript that references an ActiveX object to obtain sensitive information such as display names and web site navigation, and possibly more when the user is connected to certain Microsoft sites (or DNS-spoofed sites).

Vulnerable Systems


  • Microsoft Msn Messenger 2.2

  • Microsoft Msn Messenger 3.0

  • Microsoft Msn Messenger 4.0

  • Microsoft Msn Messenger 4.5

  • Microsoft Msn Messenger 4.6


BUGTRAQ - 20020202 MSN Messenger reveals your name to websites (and can reveal email addresses too)

XF - msn-messenger-reveal-information(8084)

BID - 4028

Last Updated: 27 May 2016 10:36:50