mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-05-28 09:11:28 +00:00
118 lines
3.7 KiB
JSON
118 lines
3.7 KiB
JSON
{
|
|
"id": "CVE-2002-0155",
|
|
"sourceIdentifier": "cve@mitre.org",
|
|
"published": "2002-05-29T04:00:00.000",
|
|
"lastModified": "2018-10-12T21:31:15.423",
|
|
"vulnStatus": "Modified",
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "Buffer overflow in Microsoft MSN Chat ActiveX Control, as used in MSN Messenger 4.5 and 4.6, and Exchange Instant Messenger 4.5 and 4.6, allows remote attackers to execute arbitrary code via a long ResDLL parameter in the MSNChat OCX."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "Desbordamiento de b\u00fafer en el control ActiveX Microsoft MSN Chat, usado en MSN Messenger 4.5 y 4.6, y Exchange Instant Messenger 4.5 y 4.6, permite a atacantes remotos ejecutar c\u00f3digo arbitrario mediante un par\u00e1metro ResDLL largo en el OCX MSNChat."
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV2": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "2.0",
|
|
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
|
|
"accessVector": "NETWORK",
|
|
"accessComplexity": "LOW",
|
|
"authentication": "NONE",
|
|
"confidentialityImpact": "PARTIAL",
|
|
"integrityImpact": "PARTIAL",
|
|
"availabilityImpact": "PARTIAL",
|
|
"baseScore": 7.5
|
|
},
|
|
"baseSeverity": "HIGH",
|
|
"exploitabilityScore": 10.0,
|
|
"impactScore": 6.4,
|
|
"acInsufInfo": false,
|
|
"obtainAllPrivilege": false,
|
|
"obtainUserPrivilege": false,
|
|
"obtainOtherPrivilege": true,
|
|
"userInteractionRequired": false
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "NVD-CWE-Other"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"configurations": [
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:microsoft:msn_chat_control:*:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "733AB93D-8480-4577-AB65-3E0342B67F72"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:microsoft:msn_messenger:4.5:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "DFEE276F-4ACC-440B-9F36-FAA7DAD4BAB1"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:microsoft:msn_messenger:4.6:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "083C6323-8712-4A42-893D-6A6BE5997689"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:microsoft:msn_messenger_service_for_exchange:4.5:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "B2A6D4B7-53E1-423D-A419-330E0B3C661B"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:microsoft:msn_messenger_service_for_exchange:4.6:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "5040E94F-9F17-4B21-9F99-3378B11D02CE"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "http://marc.info/?l=bugtraq&m=102089960531919&w=2",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://www.cert.org/advisories/CA-2002-13.html",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"US Government Resource"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://www.iss.net/security_center/static/9041.php",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://www.securityfocus.com/bid/4707",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-022",
|
|
"source": "cve@mitre.org"
|
|
}
|
|
]
|
|
} |