Vulnerability Description
Buffer overflow in Microsoft MSN Chat ActiveX Control, as used in MSN Messenger 4.5 and 4.6, and Exchange Instant Messenger 4.5 and 4.6, allows remote attackers to execute arbitrary code via a long ResDLL parameter in the MSNChat OCX.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Msn Chat Control | All versions |
| Microsoft | Msn Messenger | 4.5 |
| Microsoft | Msn Messenger Service For Exchange | 4.5 |
References
- http://marc.info/?l=bugtraq&m=102089960531919&w=2
- http://www.cert.org/advisories/CA-2002-13.htmlUS Government Resource
- http://www.iss.net/security_center/static/9041.php
- http://www.securityfocus.com/bid/4707
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-02
- http://marc.info/?l=bugtraq&m=102089960531919&w=2
- http://www.cert.org/advisories/CA-2002-13.htmlUS Government Resource
- http://www.iss.net/security_center/static/9041.php
- http://www.securityfocus.com/bid/4707
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-02
FAQ
What is CVE-2002-0155?
CVE-2002-0155 is a vulnerability with a CVSS score of 7.5 (HIGH). Buffer overflow in Microsoft MSN Chat ActiveX Control, as used in MSN Messenger 4.5 and 4.6, and Exchange Instant Messenger 4.5 and 4.6, allows remote attackers to execute arbitrary code via a long Re...
How severe is CVE-2002-0155?
CVE-2002-0155 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2002-0155?
Check the references section above for vendor advisories and patch information. Affected products include: Microsoft Msn Chat Control, Microsoft Msn Messenger, Microsoft Msn Messenger Service For Exchange.