| ID |
CVE-2002-0155
|
| Summary |
Buffer overflow in Microsoft MSN Chat ActiveX Control, as used in MSN Messenger 4.5 and 4.6, and Exchange Instant Messenger 4.5 and 4.6, allows remote attackers to execute arbitrary code via a long ResDLL parameter in the MSNChat OCX. |
| References |
|
| Vulnerable Configurations |
-
cpe:2.3:a:microsoft:msn_chat_control:*:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:msn_chat_control:*:*:*:*:*:*:*:*
-
cpe:2.3:a:microsoft:msn_messenger:4.5:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:msn_messenger:4.5:*:*:*:*:*:*:*
-
cpe:2.3:a:microsoft:msn_messenger:4.6:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:msn_messenger:4.6:*:*:*:*:*:*:*
-
cpe:2.3:a:microsoft:msn_messenger_service_for_exchange:4.5:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:msn_messenger_service_for_exchange:4.5:*:*:*:*:*:*:*
-
cpe:2.3:a:microsoft:msn_messenger_service_for_exchange:4.6:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:msn_messenger_service_for_exchange:4.6:*:*:*:*:*:*:*
|
| CVSS |
| Base: | 7.5 (as of 12-10-2018 - 21:31) |
| Impact: | |
| Exploitability: | |
|
| CWE |
NVD-CWE-Other |
| CAPEC |
|
| Access |
| Vector | Complexity | Authentication |
| NETWORK |
LOW |
NONE |
|
| Impact |
| Confidentiality | Integrity | Availability |
| PARTIAL |
PARTIAL |
PARTIAL |
|
| cvss-vector
via4
|
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
| refmap
via4
|
| bid | 4707 | | bugtraq | 20020508 ADVISORY: MSN Messenger OCX Buffer Overflow | | cert | CA-2002-13 | | vulnwatch | 20020508 [VulnWatch] ADVISORY: MSN Messenger OCX Buffer Overflow | | xf | msn-chatcontrol-resdll-bo(9041) |
|
| Last major update |
12-10-2018 - 21:31 |
| Published |
29-05-2002 - 04:00 |
| Last modified |
12-10-2018 - 21:31 |
