Vulnerability: Microsoft MSN Chat ActiveX

CERT has warned a buffer overflow exists in the "ResDLL" parameter of the MSN Chat ActiveX control that may permit a remote attacker to execute arbitrary code on the system with the privileges of the current user.

This vulnerability affects MSN Messenger and Exchange Instant Messenger users. Users of Microsoft's Internet Explorer (IE) who accept and install Microsoft-signed ActiveX controls are also affected.

More information is available on the CERT website:http://www.cert.org/advisories/CA-2002-13.htmlOr on Microsoft: http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/MS02-022.asp

Join the newsletter!

Error: Please check your email address.

More about CERT AustraliaMicrosoftMSN

Show Comments

Market Place