CVSS: 5.0EPSS: 7%CPEs: 8EXPL: 2CVE-2002-1831 – Microsoft MSN Messenger 1 < 4 - Malformed Invite Request Denial of Service
https://notcve.org/view.php?id=CVE-2002-1831
Microsoft MSN Messenger Service 1.0 through 4.6 allows remote attackers to cause a denial of service (crash) via an invite request that contains hex-encoded spaces (%20) in the Invitation-Cookie field. • https://www.exploit-db.com/exploits/21481 http://online.securityfocus.com/archive/1/274086 http://www.iss.net/security_center/static/9161.php http://www.securityfocus.com/bid/4827 •
CVSS: 5.0EPSS: 1%CPEs: 8EXPL: 0CVE-2002-1698
https://notcve.org/view.php?id=CVE-2002-1698
Buffer overflow in Microsoft MSN Messenger Service 1.0 through 4.6 allows remote attackers to cause a denial of service (crash) via a long FN (font) argument in the message header. • http://online.securityfocus.com/archive/1/271130 http://www.securityfocus.com/bid/4675 https://exchange.xforce.ibmcloud.com/vulnerabilities/9014 •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2002-0472
https://notcve.org/view.php?id=CVE-2002-0472
MSN Messenger Service 3.6, and possibly other versions, uses weak authentication when exchanging messages between clients, which allows remote attackers to spoof messages from other users. • http://www.encode-sec.com/esp0202.pdf http://www.iss.net/security_center/static/8582.php http://www.securityfocus.com/archive/1/262906 http://www.securityfocus.com/bid/4316 •
CVSS: 5.0EPSS: 0%CPEs: 5EXPL: 0CVE-2002-0228
https://notcve.org/view.php?id=CVE-2002-0228
Microsoft MSN Messenger allows remote attackers to use Javascript that references an ActiveX object to obtain sensitive information such as display names and web site navigation, and possibly more when the user is connected to certain Microsoft sites (or DNS-spoofed sites). Microsoft MSN Messenger permite a atacantes remotos usar JavaScript que referencia a un objeto ActiveX para obtener información sensible como nombres mostrados y navegación de sitios web, y posiblemente mas cuando el usuario está conectado a ciertos sitios de Microsoft (o sitios con DNS falsificado). • http://online.securityfocus.com/archive/1/254021 http://www.iss.net/security_center/static/8084.php http://www.securityfocus.com/bid/4028 •