CVE-2004-0122

5 documents5 sources
Severity
5.0MEDIUM
EPSS
33.0%
top 3.11%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Microsoft MSN Messenger
Timeline
PublishedApr 15
Latest updateApr 29

Description

Microsoft MSN Messenger 6.0 and 6.1 does not properly handle certain requests, which allows remote attackers to read arbitrary files.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

NVDmicrosoft/msn_messenger6.0, 6.1+1

Patches

Patch: www.securityfocus.comPatch: www.securityfocus.com

🔴Vulnerability Details

2
GHSA
GHSA-6wr2-m56m-v6hg: Microsoft MSN Messenger 62022-04-29
CVEList
CVE-2004-0122: Microsoft MSN Messenger 62004-09-01

💥Exploits & PoCs

1
Exploit-DB
Apple Mac OSX 10.3.7 - Input Validation Flaw 'parse_machfile()' Denial of Service2005-01-20

📋Vendor Advisories

1
Red Hat
pidgin/libpurple: MSN custom smiley request directory traversal file disclosure2009-12-27
CVE-2004-0122 (MEDIUM CVSS 5) | Microsoft MSN Messenger 6.0 and 6.1 | cvebase.io