Messenger@6.0 Security Vulnerabilities and Issues — Messenger@6.0 CVE List

Lucene search

YahooMessenger6.0

8 matches found

CVE•added 2007/02/09 7:28 p.m.•54 views

CVE-2007-0868

Unspecified vulnerability in the Chat Room functionality in Yahoo! Messenger 8.1.0.239 and earlier allows remote attackers to cause a denial of service via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

5CVSS6.5AI score0.00518EPSS

CVE•added 2012/01/19 3:55 p.m.•52 views

CVE-2012-0268

Integer overflow in the CYImage::LoadJPG method in YImage.dll in Yahoo! Messenger before 11.5.0.155, when photo sharing is enabled, might allow remote attackers to execute arbitrary code via a crafted JPG image that triggers a heap-based buffer overflow.

5.1CVSS8AI score0.01579EPSS

CVE•added 2005/05/02 4:0 a.m.•51 views

CVE-2005-0737

Buffer overflow in Yahoo! Messenger allows remote attackers to execute arbitrary code via the offline mode.

7.5CVSS8.3AI score0.04788EPSS

CVE•added 2006/12/15 10:28 p.m.•48 views

CVE-2006-6603

Buffer overflow in the YMMAPI.YMailAttach ActiveX control (ymmapi.dll) before 2005.1.1.4 in Yahoo! Messenger allows remote attackers to execute arbitrary code via a crafted HTML document. NOTE: some details were obtained from third party information.

9.3CVSS7.7AI score0.06449EPSS

CVE•added 2005/02/18 5:0 a.m.•46 views

CVE-2005-0242

The Audio Setup Wizard (asw.dll) in Yahoo! Messenger 6.0.0.1750, and possibly other versions, allows attackers to arbitrary code by placing a malicious ping.exe program into the Messenger program directory, which is installed with weak default permissions.

4.6CVSS7.1AI score0.00056EPSS

CVE•added 2005/02/18 5:0 a.m.•41 views

CVE-2005-0243

Yahoo! Messenger 6.0.0.1750, and possibly other versions before 6.0.0.1921, does not properly display long filenames in file dialog boxes, which could allow remote attackers to trick users into downloading and executing programs via file names containing a large number of spaces and multiple file e...

5CVSS6.7AI score0.00318EPSS

CVE•added 2005/05/16 4:0 a.m.•40 views

CVE-2005-1618

The YMSGR URL handler in Yahoo! Messenger 5.x through 6.0 allows remote attackers to cause a denial of service (disconnect) via a room login or a room join request packet with a third : (colon) and an & (ampersand), which causes Messenger to send a corrupted packet to the server, which triggers a d...

5CVSS7AI score0.04457EPSS

CVE•added 2005/05/19 4:0 a.m.•40 views

CVE-2005-1671

The Logfile feature in Yahoo! Messenger 5.x through 6.0 can be activated by a YMSGR: URL and writes all output to a single ypager.log file, even when there are multiple users, and does not properly warn later users that the feature has been enabled, which allows local users to obtain sensitive info...

2.1CVSS6.1AI score0.00034EPSS