Lucene search

[email protected]CVE-2007-3928

HistoryJul 21, 2007 - 12:30 a.m.

CVE-2007-3928

2007-07-2100:30:00

CWE-119

[email protected]

web.nvd.nist.gov

yahoo messenger

buffer overflow

cve-2007-3928

remote code execution

user-assisted

security vulnerability

7.7 High

AI Score

Confidence

Low

7.6 High

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

0.063 Low

EPSS

Percentile

93.5%

JSON

Buffer overflow in Yahoo! Messenger 8.1 allows user-assisted remote authenticated users to execute arbitrary code via a long e-mail address in an address book entry. NOTE: this might overlap CVE-2007-3638.

CPENameOperatorVersion
yahoo:messengeryahoo messengereq8.1

CPE	Name	Operator	Version
yahoo:messenger	yahoo messenger	eq	8.1

References

lists.grok.org.uk/pipermail/full-disclosure/2007-July/064669.html

secunia.com/advisories/26066

securityreason.com/securityalert/2906

www.securityfocus.com/bid/24926

www.securitytracker.com/id?1018398

www.xdisclose.com/advisory/XD100002.html

exchange.xforce.ibmcloud.com/vulnerabilities/35434

7.7 High

AI Score

Confidence

Low

7.6 High

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

0.063 Low

EPSS

Percentile

93.5%

JSON

Related for CVE-2007-3928

prion2 cve1