Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-0155

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2002-0155
Last Modified 10 Sep 2008 08:00:36
Published 29 May 2002 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2002-0155

Summary

Buffer overflow in Microsoft MSN Chat ActiveX Control, as used in MSN Messenger 4.5 and 4.6, and Exchange Instant Messenger 4.5 and 4.6, allows remote attackers to execute arbitrary code via a long ResDLL parameter in the MSNChat OCX.

Vulnerable Systems

Application

  • Microsoft Msn Chat Control

  • Microsoft Msn Messenger 4.5

  • Microsoft Msn Messenger 4.6

  • Microsoft Msn Messenger Service For Exchange 4.5

  • Microsoft Msn Messenger Service For Exchange 4.6


References

CERT - CA-2002-13

MS - MS02-022

BUGTRAQ - 20020508 ADVISORY: MSN Messenger OCX Buffer Overflow

BID - 4707

XF - msn-chatcontrol-resdll-bo(9041)


Last Updated: 27 May 2016 10:36:48