Remote File Access Vulnerability in Microsoft MSN Messenger
CVE-2004-0122

Currently unrated

Key Information:

Vendor: Microsoft
Status: Msn Messenger
Vendor: CVE Published:; 15 April 2004

Summary

Microsoft MSN Messenger versions 6.0 and 6.1 contain a vulnerability that allows remote attackers to exploit improper handling of certain requests, enabling them to read arbitrary files from the system. This loophole poses a potential risk to user data confidentiality and system integrity, as an attacker may gain access to sensitive information through crafted requests.

References

http://www.securityfocus.com/bid/9828

vdb-entryx_refsource_BID

https://docs.microsoft.com/en-us/security-updates/securit...

vendor-advisoryx_refsource_MS

http://www.kb.cert.org/vuls/id/688094

third-party-advisoryx_refsource_CERT-VN

EPSS Score

32% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Apr 15, 2004
Vulnerability Reserved
Feb 3, 2004