Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
YahooMessenger5.5

9 matches found

CVE
CVEadded 2007/02/09 7:28 p.m.54 views

CVE-2007-0868

Unspecified vulnerability in the Chat Room functionality in Yahoo! Messenger 8.1.0.239 and earlier allows remote attackers to cause a denial of service via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

5CVSS6.5AI score0.00518EPSS
CVE
CVEadded 2012/01/19 3:55 p.m.52 views

CVE-2012-0268

Integer overflow in the CYImage::LoadJPG method in YImage.dll in Yahoo! Messenger before 11.5.0.155, when photo sharing is enabled, might allow remote attackers to execute arbitrary code via a crafted JPG image that triggers a heap-based buffer overflow.

5.1CVSS8AI score0.01579EPSS
CVE
CVEadded 2005/05/02 4:0 a.m.51 views

CVE-2005-0737

Buffer overflow in Yahoo! Messenger allows remote attackers to execute arbitrary code via the offline mode.

7.5CVSS8.3AI score0.04788EPSS
CVE
CVEadded 2006/12/15 10:28 p.m.48 views

CVE-2006-6603

Buffer overflow in the YMMAPI.YMailAttach ActiveX control (ymmapi.dll) before 2005.1.1.4 in Yahoo! Messenger allows remote attackers to execute arbitrary code via a crafted HTML document. NOTE: some details were obtained from third party information.

9.3CVSS7.7AI score0.06449EPSS
CVE
CVEadded 2005/02/18 5:0 a.m.46 views

CVE-2005-0242

The Audio Setup Wizard (asw.dll) in Yahoo! Messenger 6.0.0.1750, and possibly other versions, allows attackers to arbitrary code by placing a malicious ping.exe program into the Messenger program directory, which is installed with weak default permissions.

4.6CVSS7.1AI score0.00056EPSS
CVE
CVEadded 2005/02/18 5:0 a.m.41 views

CVE-2005-0243

Yahoo! Messenger 6.0.0.1750, and possibly other versions before 6.0.0.1921, does not properly display long filenames in file dialog boxes, which could allow remote attackers to trick users into downloading and executing programs via file names containing a large number of spaces and multiple file e...

5CVSS6.7AI score0.00318EPSS
CVE
CVEadded 2005/05/16 4:0 a.m.40 views

CVE-2005-1618

The YMSGR URL handler in Yahoo! Messenger 5.x through 6.0 allows remote attackers to cause a denial of service (disconnect) via a room login or a room join request packet with a third : (colon) and an & (ampersand), which causes Messenger to send a corrupted packet to the server, which triggers a d...

5CVSS7AI score0.04457EPSS
CVE
CVEadded 2005/05/19 4:0 a.m.40 views

CVE-2005-1671

The Logfile feature in Yahoo! Messenger 5.x through 6.0 can be activated by a YMSGR: URL and writes all output to a single ypager.log file, even when there are multiple users, and does not properly warn later users that the feature has been enabled, which allows local users to obtain sensitive info...

2.1CVSS6.1AI score0.00034EPSS
CVE
CVEadded 2007/10/29 7:0 p.m.37 views

CVE-2002-2361

The installer in Yahoo! Messenger 4.0, 5.0 and 5.5 does not verify package signatures which could allow remote attackers to install trojan programs via DNS spoofing.

5.8CVSS7.1AI score0.00274EPSS