CVE-2002-0472

Description

MSN Messenger Service 3.6, and possibly other versions, uses weak authentication when exchanging messages between clients, which allows remote attackers to spoof messages from other users.

Affected products

• Microsoft / msn_messenger3.6 – 3.6

References

• MISChttp://www.securityfocus.com/archive/1/262906
• MISChttp://www.iss.net/security_center/static/8582.php
• MISChttp://www.encode-sec.com/esp0202.pdf
• MISChttp://www.securityfocus.com/bid/4316