Unrated severityNVD Advisory· Published May 29, 2002· Updated Apr 16, 2026

CVE-2002-0155

Description

Buffer overflow in Microsoft MSN Chat ActiveX Control, as used in MSN Messenger 4.5 and 4.6, and Exchange Instant Messenger 4.5 and 4.6, allows remote attackers to execute arbitrary code via a long ResDLL parameter in the MSNChat OCX.

Affected products

Microsoft/Msn Chat Control
cpe:2.3:a:microsoft:msn_chat_control:*:*:*:*:*:*:*:*
Microsoft/Msn Messenger2 versions
cpe:2.3:a:microsoft:msn_messenger:4.5:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:microsoft:msn_messenger:4.5:*:*:*:*:*:*:*
- cpe:2.3:a:microsoft:msn_messenger:4.6:*:*:*:*:*:*:*
Microsoft/Msn Messenger Service For Exchange2 versions
cpe:2.3:a:microsoft:msn_messenger_service_for_exchange:4.5:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:microsoft:msn_messenger_service_for_exchange:4.5:*:*:*:*:*:*:*
- cpe:2.3:a:microsoft:msn_messenger_service_for_exchange:4.6:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.cert.org/advisories/CA-2002-13.htmlnvdUS Government Resource
marc.infonvd
www.iss.net/security_center/static/9041.phpnvd
www.securityfocus.com/bid/4707nvd
docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-022nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.015
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000