CVE-2002-1150

Name of the Vulnerable Software and Affected Versions: Microsoft NetMeeting versions 3.01 through SP2 (4.4.3396)

Description: The issue allows attackers with physical access to hijack remote sessions by entering certain logoff or shutdown sequences, such as CTRL-ALT-DEL, and canceling out of the resulting user confirmation prompts. This can occur when the remote user is engaged in activities like editing a document.

Recommendations: For Microsoft NetMeeting versions 3.01 through SP2 (4.4.3396), consider restricting physical access to the system to minimize the risk of exploitation. As a temporary workaround, implement additional authentication or authorization measures when remote sessions are initiated to reduce the likelihood of session hijacking.