Messenger Security Vulnerabilities and Issues — Messenger CVE List

Lucene search

YahooMessenger

7 matches found

cve•added 2003/04/02 5:0 a.m.•81 views

CVE-2002-0032

Yahoo! Messenger 5,0,0,1064 and earlier allows remote attackers to execute arbitrary script as other users via the addview parameter of a ymsgr URI.

7.5CVSS7.4AI score0.02942EPSS

cve•added 2002/06/25 4:0 a.m.•53 views

CVE-2002-0320

Buffer overflow in Yahoo! Messenger 5.0 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long (1) message or (2) IMvironment field.

7.5CVSS8AI score0.10307EPSS

cve•added 2005/05/02 4:0 a.m.•51 views

CVE-2005-0737

Buffer overflow in Yahoo! Messenger allows remote attackers to execute arbitrary code via the offline mode.

7.5CVSS8.3AI score0.04788EPSS

cve•added 2002/06/25 4:0 a.m.•48 views

CVE-2002-0322

Yahoo! Messenger 4.0 sends user passwords in cleartext, which could allow remote attackers to gain privileges of other users via sniffing.

7.5CVSS6.9AI score0.00717EPSS

cve•added 2004/02/03 5:0 a.m.•41 views

CVE-2004-0043

Buffer overflow in Yahoo Instant Messenger 5.6.0.1351 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long filename in the download feature.

7.5CVSS8.3AI score0.03243EPSS

cve•added 2007/07/21 12:30 a.m.•39 views

CVE-2007-3928

Buffer overflow in Yahoo! Messenger 8.1 allows user-assisted remote authenticated users to execute arbitrary code via a long e-mail address in an address book entry. NOTE: this might overlap CVE-2007-3638.

7.6CVSS7.4AI score0.09377EPSS

cve•added 2005/05/28 4:0 a.m.•38 views

CVE-2002-1665

Buffer overflow in Yahoo! Messenger before February 2002 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long set_buddygrp field.

7.5CVSS8.4AI score0.04794EPSS