CVE-2002-0228
Severity Score
5.0
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Microsoft MSN Messenger allows remote attackers to use Javascript that references an ActiveX object to obtain sensitive information such as display names and web site navigation, and possibly more when the user is connected to certain Microsoft sites (or DNS-spoofed sites).
Microsoft MSN Messenger permite a atacantes remotos usar JavaScript que referencia a un objeto ActiveX para obtener información sensible como nombres mostrados y navegación de sitios web, y posiblemente mas cuando el usuario está conectado a ciertos sitios de Microsoft (o sitios con DNS falsificado).
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2002-05-01 CVE Reserved
- 2002-05-03 CVE Published
- 2024-08-08 CVE Updated
- 2024-10-07 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (3)
| URL | Tag | Source |
|---|---|---|
| http://www.securityfocus.com/bid/4028 | Vdb Entry |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://online.securityfocus.com/archive/1/254021 | 2008-09-11 |
| URL | Date | SRC |
|---|---|---|
| http://www.iss.net/security_center/static/8084.php | 2008-09-11 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Microsoft Search vendor "Microsoft" | Msn Messenger Search vendor "Microsoft" for product "Msn Messenger" | 2.2 Search vendor "Microsoft" for product "Msn Messenger" and version "2.2" | - |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Msn Messenger Search vendor "Microsoft" for product "Msn Messenger" | 3.0 Search vendor "Microsoft" for product "Msn Messenger" and version "3.0" | - |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Msn Messenger Search vendor "Microsoft" for product "Msn Messenger" | 4.0 Search vendor "Microsoft" for product "Msn Messenger" and version "4.0" | - |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Msn Messenger Search vendor "Microsoft" for product "Msn Messenger" | 4.5 Search vendor "Microsoft" for product "Msn Messenger" and version "4.5" | - |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Msn Messenger Search vendor "Microsoft" for product "Msn Messenger" | 4.6 Search vendor "Microsoft" for product "Msn Messenger" and version "4.6" | - |
Affected
| ||||||