CVE-2002-0472 Information

Description

MSN Messenger Service 3.6 and possibly other versions uses weak authentication when exchanging messages between clients which allows remote attackers to spoof messages from other users.

Reference

http://www.encode-sec.com/esp0202.pdf http://www.iss.net/security_center/static/8582.php http://www.securityfocus.com/archive/1/262906 http://www.securityfocus.com/bid/4316