CVE-2002-0228

Currently unrated

Key Information:

Vendor: Microsoft
Status: Msn Messenger
Vendor: CVE Published:; 16 May 2002

Summary

Microsoft MSN Messenger allows remote attackers to use Javascript that references an ActiveX object to obtain sensitive information such as display names and web site navigation, and possibly more when the user is connected to certain Microsoft sites (or DNS-spoofed sites).

References

http://online.securityfocus.com/archive/1/254021

mailing-listx_refsource_BUGTRAQ

http://www.iss.net/security_center/static/8084.php

vdb-entryx_refsource_XF

http://www.securityfocus.com/bid/4028

vdb-entryx_refsource_BID

EPSS Score

96% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
May 16, 2002
Vulnerability Reserved
May 1, 2002

Collectors

NVD DatabaseMitre Database