CVE-2002-0978

medium

Microsoft

CVSS v3 Base Score

5.0

AV:N/AC:L/Au:N/C:N/I:P/A:N

EPSS Score

6.2%

Exploitation probability in 30 days

Top 9% most likely to be exploited

Attack Characteristics

Attack Vector

Network

Attack Complexity

Low

Confidentiality

None

Integrity

Availability

None

Published: September 24, 2002 (8633 days ago)

Last Modified: April 16, 2026

Vendor: Microsoft

Source: NVD

Description

Microsoft File Transfer Manager (FTM) ActiveX control before 4.0 allows remote attackers to upload or download arbitrary files to arbitrary locations via a man-in-the-middle attack with modified TGT and TGN parameters in a call to the "Persist" function.

CWE

NVD-CWE-Other

Affected Products

microsoft file transfer manager

References

🔗 archives.neohapsis.com 🔗 archives.neohapsis.com

CVE-2002-0978

Vulnerability Report

Description

CWE

Affected Products

References