Weak Authentication Vulnerability in MSN Messenger Service by Microsoft
CVE-2002-0472

Currently unrated

Key Information:

Vendor: Microsoft
Status: Msn Messenger
Vendor: CVE Published:; 12 August 2002

Summary

The MSN Messenger Service 3.6, along with possibly other versions, implements inadequate authentication mechanisms during the message exchange process between clients. This vulnerability exposes users to the risk of remote attackers spoofing messages, potentially leading to misinformation and unauthorized communications. It's essential for users to be aware of these weaknesses to take appropriate measures and protect their privacy in online communication.

References

http://www.securityfocus.com/archive/1/262906

mailing-listx_refsource_BUGTRAQ

http://www.iss.net/security_center/static/8582.php

vdb-entryx_refsource_XF

http://www.encode-sec.com/esp0202.pdf

x_refsource_MISC

EPSS Score

14% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Aug 12, 2002
Vulnerability Reserved
Jun 7, 2002