CVE-2002-0155

critical

Description

Buffer overflow in Microsoft MSN Chat ActiveX Control, as used in MSN Messenger 4.5 and 4.6, and Exchange Instant Messenger 4.5 and 4.6, allows remote attackers to execute arbitrary code via a long ResDLL parameter in the MSNChat OCX.

References

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-022

http://www.securityfocus.com/bid/4707

http://www.iss.net/security_center/static/9041.php

http://www.cert.org/advisories/CA-2002-13.html

http://marc.info/?l=bugtraq&m=102089960531919&w=2

Details

Source: Mitre, NVD

Published: 2002-05-29

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Severity: High

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical

EPSS

EPSS: 0.19137

Detections

Analytics