Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
yahoo messenger vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-4975
Yahoo! Messenger for WAP permits saving messages that contain JavaScript, which allows user-assisted remote malicious users to inject arbitrary web script or HTML via a URL at the online service.
Yahoo Messenger
NA
CVE-2006-3539
Multiple cross-site scripting (XSS) vulnerabilities in DKScript.com Dragon's Kingdom Script 1.0 allow remote malicious users to inject arbitrary web script or HTML via a javascript URI in the SRC attribute of an IMG element in the (1) Subject and (2) Message fields in a do=w...
Dkscript Dragons Kingdom Script 1.0
NA
CVE-2006-3298
Yahoo! Messenger 7.5.0.814 and 7.0.438 allows remote malicious users to cause a denial of service (crash) via messages that contain non-ASCII characters, which triggers the crash in jscript.dll.
Yahoo Messenger 7.5.0.814
Yahoo Messenger 7.0.438
1 EDB exploit
NA
CVE-2005-1671
The Logfile feature in Yahoo! Messenger 5.x up to and including 6.0 can be activated by a YMSGR: URL and writes all output to a single ypager.log file, even when there are multiple users, and does not properly warn later users that the feature has been enabled, which allows local...
Yahoo Messenger 5.6
Yahoo Messenger 5.5
Yahoo Messenger 5.6.0.1351
Yahoo Messenger 6.0
NA
CVE-2005-1618
The YMSGR URL handler in Yahoo! Messenger 5.x up to and including 6.0 allows remote malicious users to cause a denial of service (disconnect) via a room login or a room join request packet with a third : (colon) and an & (ampersand), which causes Messenger to send a corrupted...
Yahoo Messenger 5.6
Yahoo Messenger 5.5
Yahoo Messenger 6.0
1 EDB exploit
NA
CVE-2005-0737
Buffer overflow in Yahoo! Messenger allows remote malicious users to execute arbitrary code via the offline mode.
Yahoo Messenger 5.6
Yahoo Messenger 5.6.0.1355
Yahoo Messenger 5.6.0.1358
Yahoo Messenger 6.0.0.1750
Yahoo Messenger 5.6.0.1347
Yahoo Messenger 5.0.1232
Yahoo Messenger 5.5.1249
Yahoo Messenger 5.5
Yahoo Messenger 6.0.0.1921
Yahoo Messenger 6.0.0.1643
Yahoo Messenger 5.0
Yahoo Messenger 5.6.0.1351
Yahoo Messenger 4.0
Yahoo Messenger 5.0.1065
Yahoo Messenger 5.6.0.1356
Yahoo Messenger 6.0
Yahoo Messenger 5.0.1046
1 EDB exploit
NA
CVE-2005-0208
The HTML parsing functions in Gaim prior to 1.1.4 allow remote malicious users to cause a denial of service (application crash) via malformed HTML that causes "an invalid memory access," a different vulnerability than CVE-2005-0473.
Rob Flynn Gaim 1.1.2
Rob Flynn Gaim 1.1.0
Rob Flynn Gaim 1.1.3
Rob Flynn Gaim 1.1.1
NA
CVE-2005-0472
Gaim prior to 1.1.3 allows remote malicious users to cause a denial of service (infinite loop) via malformed SNAC packets from (1) AIM or (2) ICQ.
Rob Flynn Gaim 1.1.2
Rob Flynn Gaim 1.0
Rob Flynn Gaim 1.0.1
Rob Flynn Gaim 1.1.1
Redhat Enterprise Linux 4.0
Mandrakesoft Mandrake Linux 10.1
Mandrakesoft Mandrake Linux Corporate Server 3.0
Mandrakesoft Mandrake Linux 10.0
Redhat Enterprise Linux Desktop 4.0
NA
CVE-2005-0473
The HTML parsing functions in Gaim prior to 1.1.3 allow remote malicious users to cause a denial of service (application crash) via malformed HTML that causes "an invalid memory access," a different vulnerability than CVE-2005-0208.
Rob Flynn Gaim 1.1.2
Rob Flynn Gaim 1.0
Rob Flynn Gaim 1.0.1
Rob Flynn Gaim 1.1.1
Redhat Enterprise Linux 4.0
Mandrakesoft Mandrake Linux 10.1
Mandrakesoft Mandrake Linux Corporate Server 3.0
Mandrakesoft Mandrake Linux 10.0
Redhat Enterprise Linux Desktop 4.0
NA
CVE-2005-0242
The Audio Setup Wizard (asw.dll) in Yahoo! Messenger 6.0.0.1750, and possibly other versions, allows malicious users to arbitrary code by placing a malicious ping.exe program into the Messenger program directory, which is installed with weak default permissions.
Yahoo Messenger 5.6
Yahoo Messenger 6.0.0.1750
Yahoo Messenger 5.5
Yahoo Messenger 5.6.0.1351
Yahoo Messenger 6.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »