CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2002-0228

Microsoft MSN Messenger allows remote attackers to use Javascript that references an ActiveX object to obtain sensitive information such as display names and web site navigation, and possibly more when the user is connected to certain Microsoft sites (or DNS-spoofed sites).

Exploit prediction scoring system (EPSS) score

EPSS Score 0.286

EPSS Ranking 96.3%

CVSS Severity

CVSS v2 Score 5.0

References

http://online.securityfocus.com/archive/1/254021
http://www.iss.net/security_center/static/8084.php
http://www.securityfocus.com/bid/4028
http://online.securityfocus.com/archive/1/254021
http://www.iss.net/security_center/static/8084.php
http://www.securityfocus.com/bid/4028

Products affected by CVE-2002-0228

Microsoft » Msn Messenger » Version: 2.2

cpe:2.3:a:microsoft:msn_messenger:2.2
Microsoft » Msn Messenger » Version: 3.0

cpe:2.3:a:microsoft:msn_messenger:3.0
Microsoft » Msn Messenger » Version: 4.0

cpe:2.3:a:microsoft:msn_messenger:4.0
Microsoft » Msn Messenger » Version: 4.5

cpe:2.3:a:microsoft:msn_messenger:4.5
Microsoft » Msn Messenger » Version: 4.6

cpe:2.3:a:microsoft:msn_messenger:4.6

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2002-0228

Products

Pricing

Contact Us