CVE-2002-0155

Buffer overflow in Microsoft MSN Chat ActiveX Control, as used in MSN Messenger 4.5 and 4.6, and Exchange Instant Messenger 4.5 and 4.6, allows remote attackers to execute arbitrary code via a long ResDLL parameter in the MSNChat OCX.

Published: May 29, 2002
Updated: Apr 13, 2023
CVE: CVE-2002-0155
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
microsoft / msn_messenger	4.6	4.6.x
microsoft / msn_messenger_service_for_exchange	4.6	4.6.x
microsoft / msn_chat_control	-	-
microsoft / msn_messenger	4.5	4.5.x
microsoft / msn_messenger_service_for_exchange	4.5	4.5.x

http://marc.info/?l=bugtraq&m=102089960531919&w=2
http://www.cert.org/advisories/CA-2002-13.html
http://www.iss.net/security_center/static/9041.php
http://www.securityfocus.com/bid/4707
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-022

Vulnerability Database

289,697

CVE-2002-0155