CVE-2002-0472

3 documents3 sources

Severity

5.0MEDIUM

EPSS

15.2%

top 5.40%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Microsoft MSN Messenger

Timeline

PublishedAug 12

Latest updateApr 30

Description

MSN Messenger Service 3.6, and possibly other versions, uses weak authentication when exchanging messages between clients, which allows remote attackers to spoof messages from other users.

CVSS vector

AV:N/AC:L/C:N/I:P/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

▶NVDmicrosoft/msn_messenger3.6

🔴Vulnerability Details

GHSA

GHSA-5fj2-ghpc-2v79: MSN Messenger Service 3↗2022-04-30

▶

CVEList

CVE-2002-0472: MSN Messenger Service 3↗2002-06-11

▶