CVE-2002-0228
Last modified
CVE-2002-0228 is a vulnerability of currently unknown severity. Microsoft MSN Messenger allows remote attackers to use Javascript that references an ActiveX object to obtain sensitive information such as display names and web site navigation, and possibly more when the user is connected to certain Microsoft sites (or DNS-spoofed sites).. EPSS estimates a 16.35% chance of exploitation in the next 30 days.
Description
Microsoft MSN Messenger allows remote attackers to use Javascript that references an ActiveX object to obtain sensitive information such as display names and web site navigation, and possibly more when the user is connected to certain Microsoft sites (or DNS-spoofed sites).
Metrics
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Msn Messenger | 2.2 |
| Microsoft | Msn Messenger | 3.0 |
| Microsoft | Msn Messenger | 4.0 |
| Microsoft | Msn Messenger | 4.5 |
| Microsoft | Msn Messenger | 4.6 |
References
- http://online.securityfocus.com/archive/1/254021Patch, Vendor Advisory
- http://www.iss.net/security_center/static/8084.phpVendor Advisory
- http://online.securityfocus.com/archive/1/254021Patch, Vendor Advisory
- http://www.iss.net/security_center/static/8084.phpVendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2002-0228?
How severe is CVE-2002-0228?
How do I fix CVE-2002-0228?
Are you affected by CVE-2002-0228?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST