CVE-2002-0155

3 documents3 sources

Severity

7.5HIGH

EPSS

19.1%

top 4.65%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Microsoft MSN Messenger Microsoft MSN Messenger Service FOR Exchange

Timeline

PublishedMay 29

Latest updateApr 30

Description

Buffer overflow in Microsoft MSN Chat ActiveX Control, as used in MSN Messenger 4.5 and 4.6, and Exchange Instant Messenger 4.5 and 4.6, allows remote attackers to execute arbitrary code via a long ResDLL parameter in the MSNChat OCX.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages2 packages

▶NVDmicrosoft/msn_messenger4.5, 4.6+1

▶NVDmicrosoft/msn_messenger_service4.5, 4.6+1

🔴Vulnerability Details

GHSA

GHSA-jjhg-8w5v-3hcv: Buffer overflow in Microsoft MSN Chat ActiveX Control, as used in MSN Messenger 4↗2022-04-30

▶

CVEList

CVE-2002-0155: Buffer overflow in Microsoft MSN Chat ActiveX Control, as used in MSN Messenger 4↗2003-04-02

▶