Buffer Overflow in Microsoft Messenger Service Allows Remote Denial of Service
CVE-2002-1698

Currently unrated

Key Information:

Vendor: Microsoft
Status: Msn Messenger
Vendor: CVE Published:; 31 December 2002

What is CVE-2002-1698?

A buffer overflow vulnerability exists in Microsoft MSN Messenger Service versions 1.0 to 4.6. This flaw can be exploited by remote attackers who send specially crafted messages containing overly long font arguments in the message header. Such exploitation may lead to service denial as it could cause the affected service to crash unexpectedly. Organizations using these versions of MSN Messenger need to be aware of this security risk and consider mitigating actions.

References

http://www.securityfocus.com/bid/4675

vdb-entryx_refsource_BID

https://exchange.xforce.ibmcloud.com/vulnerabilities/9014

vdb-entryx_refsource_XF

http://online.securityfocus.com/archive/1/271130

mailing-listx_refsource_BUGTRAQ

EPSS Score

18% chance of being exploited in the next 30 days.

Timeline

Vulnerability Reserved
Jun 21, 2005
Vulnerability published
Dec 31, 2002