CVE-2005-1671

The Logfile feature in Yahoo! Messenger 5.x through 6.0 can be activated by a YMSGR: URL and writes all output to a single ypager.log file, even when there are multiple users, and does not properly warn later users that the feature has been enabled, which allows local users to obtain sensitive...

CVE-2005-1671

The Logfile feature in Yahoo! Messenger 5.x through 6.0 can be activated by a YMSGR: URL and writes all output to a single ypager.log file, even when there are multiple users, and does not properly warn later users that the feature has been enabled, which allows local users to obtain sensitive...

CVE-2005-1618

The YMSGR URL handler in Yahoo! Messenger 5.x through 6.0 allows remote attackers to cause a denial of service disconnect via a room login or a room join request packet with a third : colon and an & ampersand, which causes Messenger to send a corrupted packet to the server, which triggers a...

CVE-2005-1618

The CVE-2005-1618 entry describes a DoS in Yahoo! Messenger (YMSGR URL handler) for versions 5.x–6.0. A room login/join packet containing a colon and ampersand can cause Messenger to send a corrupted packet to the server, triggering a disconnect. Concrete impact is denial of service; exploitation...

Yahoo! Messenger ymsgr Protocol Multiple Function Overflow

Binary data 1261.prm...

CVE-2002-0032

Yahoo! Messenger 5.0.0.1064 and earlier is vulnerable to remote arbitrary-script execution via the addview parameter of the ymsgr URI. The issue stems from Yahoo! Messenger URI handling, allowing an attacker to run code with the victim’s privileges. The advisory/references indicate remediation by...

CVE-2002-0031

Buffer overflows in Yahoo! Messenger 5,0,0,1064 and earlier allows remote attackers to execute arbitrary code via a ymsgr URI with long arguments to 1 call, 2 sendim, 3 getimv, 4 chat, 5 addview, or 6 addfriend...