Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
yahoo messenger vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2002-2361
The installer in Yahoo! Messenger 4.0, 5.0 and 5.5 does not verify package signatures which could allow remote malicious users to install trojan programs via DNS spoofing.
Yahoo Messenger 4.0
Yahoo Messenger 5.0
Yahoo Messenger 5.5
NA
CVE-2005-1618
The YMSGR URL handler in Yahoo! Messenger 5.x up to and including 6.0 allows remote malicious users to cause a denial of service (disconnect) via a room login or a room join request packet with a third : (colon) and an & (ampersand), which causes Messenger to send a corrupted...
Yahoo Messenger 5.6
Yahoo Messenger 6.0
Yahoo Messenger 5.5
1 EDB exploit
NA
CVE-2007-4635
Yahoo! Messenger 8.1.0.209 and 8.1.0.402 allows remote malicious users to cause a denial of service (application crash) via certain file-transfer packets, possibly involving a buffer overflow, as demonstrated by ym8bug.exe. NOTE: this might be related to CVE-2007-4515. NOTE: the ...
Yahoo Messenger 8.1.0.209
Yahoo Messenger 8.1.0.402
1 EDB exploit
NA
CVE-2006-3298
Yahoo! Messenger 7.5.0.814 and 7.0.438 allows remote malicious users to cause a denial of service (crash) via messages that contain non-ASCII characters, which triggers the crash in jscript.dll.
Yahoo Messenger 7.0.438
Yahoo Messenger 7.5.0.814
1 EDB exploit
NA
CVE-2006-4975
Yahoo! Messenger for WAP permits saving messages that contain JavaScript, which allows user-assisted remote malicious users to inject arbitrary web script or HTML via a URL at the online service.
Yahoo Messenger
NA
CVE-2007-0768
Multiple cross-site scripting (XSS) vulnerabilities in the Contact Details functionality in Yahoo! Messenger 8.1.0.209 and previous versions allow user-assisted remote malicious users to inject arbitrary web script or HTML via a javascript: URI in the SRC attribute of an IMG elem...
Yahoo Messenger
1 EDB exploit
NA
CVE-2014-7216
Multiple stack-based buffer overflows in Yahoo! Messenger 11.5.0.228 and previous versions allow remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via the (1) shortcut or (2) title keys in an emoticons.xml file.
Yahoo Messenger
1 Article
NA
CVE-2007-4515
Buffer overflow in a certain ActiveX control in YVerInfo.dll prior to 2007.8.27.1 in the Yahoo! services suite for Yahoo! Messenger prior to 8.1.0.419 allows remote malicious users to execute arbitrary code via unspecified vectors involving arguments to the (1) fvCom and (2) info...
Yahoo Messenger
2 EDB exploits
NA
CVE-2004-0043
Buffer overflow in Yahoo Instant Messenger 5.6.0.1351 and previous versions allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via a long filename in the download feature.
Yahoo Messenger
NA
CVE-2007-5017
Absolute path traversal vulnerability in a certain ActiveX control in the CYFT object in ft60.dll in Yahoo! Messenger 8.1.0.421 allows remote malicious users to force a download, and create or overwrite arbitrary files via a full pathname in the second argument to the GetFile met...
Yahoo Messenger 8.1.0.421
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5248
CVE-2024-3110
CVE-2024-5552
CVE-2024-29415
HTML injection
CVE-2024-3095
TCP
type confusion
CVE-2024-1800
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »