Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-0472

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2002-0472
Last Modified 05 Sep 2008 04:28:06
Published 12 Aug 2002 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2002-0472

Summary

MSN Messenger Service 3.6, and possibly other versions, uses weak authentication when exchanging messages between clients, which allows remote attackers to spoof messages from other users.

Vulnerable Systems

Application

  • Microsoft Msn Messenger 3.6


References

BID - 4316

BUGTRAQ - 20020319 Potential vulnerabilities of the Microsoft RVP-based Instant Messaging

XF - msn-messenger-message-spoofing(8582)

MISC - http://www.encode-sec.com/esp0202.pdf


Last Updated: 27 May 2016 10:36:56