Total
33 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2006-3298 | 1 Yahoo | 1 Messenger | 2023-12-10 | 5.0 MEDIUM | N/A |
Yahoo! Messenger 7.5.0.814 and 7.0.438 allows remote attackers to cause a denial of service (crash) via messages that contain non-ASCII characters, which triggers the crash in jscript.dll. | |||||
CVE-2005-1618 | 1 Yahoo | 1 Messenger | 2023-12-10 | 5.0 MEDIUM | N/A |
The YMSGR URL handler in Yahoo! Messenger 5.x through 6.0 allows remote attackers to cause a denial of service (disconnect) via a room login or a room join request packet with a third : (colon) and an & (ampersand), which causes Messenger to send a corrupted packet to the server, which triggers a disconnect from the server. | |||||
CVE-2005-0242 | 1 Yahoo | 1 Messenger | 2023-12-10 | 4.6 MEDIUM | N/A |
The Audio Setup Wizard (asw.dll) in Yahoo! Messenger 6.0.0.1750, and possibly other versions, allows attackers to arbitrary code by placing a malicious ping.exe program into the Messenger program directory, which is installed with weak default permissions. | |||||
CVE-2002-0322 | 1 Yahoo | 1 Messenger | 2023-12-10 | 7.5 HIGH | N/A |
Yahoo! Messenger 4.0 sends user passwords in cleartext, which could allow remote attackers to gain privileges of other users via sniffing. | |||||
CVE-2003-1135 | 1 Yahoo | 1 Messenger | 2023-12-10 | 2.6 LOW | N/A |
Buffer overflow in Yahoo! Messenger 5.6 allows remote attackers to cause a denial of service (crash) via a file send request (sendfile) with a large number of "%" (percent) characters after the Yahoo ID. | |||||
CVE-2004-0043 | 1 Yahoo | 1 Messenger | 2023-12-10 | 7.5 HIGH | N/A |
Buffer overflow in Yahoo Instant Messenger 5.6.0.1351 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long filename in the download feature. | |||||
CVE-2002-0320 | 1 Yahoo | 1 Messenger | 2023-12-10 | 7.5 HIGH | N/A |
Buffer overflow in Yahoo! Messenger 5.0 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long (1) message or (2) IMvironment field. | |||||
CVE-2002-1664 | 1 Yahoo | 1 Messenger | 2023-12-10 | 6.4 MEDIUM | N/A |
Yahoo! Messenger before February 2002 allows remote attackers to add arbitrary users to another user's buddy list and possibly obtain sensitive information. | |||||
CVE-2002-2361 | 1 Yahoo | 1 Messenger | 2023-12-10 | 5.8 MEDIUM | N/A |
The installer in Yahoo! Messenger 4.0, 5.0 and 5.5 does not verify package signatures which could allow remote attackers to install trojan programs via DNS spoofing. | |||||
CVE-2002-1665 | 1 Yahoo | 1 Messenger | 2023-12-10 | 7.5 HIGH | N/A |
Buffer overflow in Yahoo! Messenger before February 2002 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long set_buddygrp field. | |||||
CVE-2002-0031 | 1 Yahoo | 1 Messenger | 2023-12-10 | 4.6 MEDIUM | N/A |
Buffer overflows in Yahoo! Messenger 5,0,0,1064 and earlier allows remote attackers to execute arbitrary code via a ymsgr URI with long arguments to (1) call, (2) sendim, (3) getimv, (4) chat, (5) addview, or (6) addfriend. | |||||
CVE-2002-0321 | 1 Yahoo | 1 Messenger | 2023-12-10 | 5.0 MEDIUM | N/A |
Yahoo! Messenger 5.0 allows remote attackers to spoof other users by modifying the username and using the spoofed username for social engineering or denial of service (flooding) attacks. | |||||
CVE-2002-0032 | 1 Yahoo | 1 Messenger | 2023-12-10 | 7.5 HIGH | N/A |
Yahoo! Messenger 5,0,0,1064 and earlier allows remote attackers to execute arbitrary script as other users via the addview parameter of a ymsgr URI. |