Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
yahoo messenger vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2006-5563
Unspecified vulnerability in Yahoo! Messenger (Service 18) prior to 8.1.0.195 allows remote malicious users to cause a denial of service (NULL dereference and application crash) via a crafted room name in a Conference Invite. NOTE: the provenance of this information is unknown; t...
Yahoo Messenger 8.0
4.3
CVSSv2
CVE-2009-4171
An ActiveX control in YahooBridgeLib.dll for Yahoo! Messenger 9.0.0.2162, and possibly other 9.0 versions, allows remote malicious users to cause a denial of service (NULL pointer dereference and application crash) by calling the RegisterMe method with a long argument.
Yahoo Messenger 9.0.0.2162
2 EDB exploits
4.6
CVSSv2
CVE-2002-0031
Buffer overflows in Yahoo! Messenger 5,0,0,1064 and previous versions allows remote malicious users to execute arbitrary code via a ymsgr URI with long arguments to (1) call, (2) sendim, (3) getimv, (4) chat, (5) addview, or (6) addfriend.
Yahoo Messenger 5.0
2 EDB exploits
7.5
CVSSv2
CVE-2002-0032
Yahoo! Messenger 5,0,0,1064 and previous versions allows remote malicious users to execute arbitrary script as other users via the addview parameter of a ymsgr URI.
Yahoo Messenger 5.0
5
CVSSv2
CVE-2007-5017
Absolute path traversal vulnerability in a certain ActiveX control in the CYFT object in ft60.dll in Yahoo! Messenger 8.1.0.421 allows remote malicious users to force a download, and create or overwrite arbitrary files via a full pathname in the second argument to the GetFile met...
Yahoo Messenger 8.1.0.421
1 EDB exploit
6.4
CVSSv2
CVE-2002-1664
Yahoo! Messenger before February 2002 allows remote malicious users to add arbitrary users to another user's buddy list and possibly obtain sensitive information.
Yahoo Messenger 5.0
7.5
CVSSv2
CVE-2002-1665
Buffer overflow in Yahoo! Messenger before February 2002 allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via a long set_buddygrp field.
Yahoo Messenger 5.0
5
CVSSv2
CVE-2002-0321
Yahoo! Messenger 5.0 allows remote malicious users to spoof other users by modifying the username and using the spoofed username for social engineering or denial of service (flooding) attacks.
Yahoo Messenger 5.0
7.5
CVSSv2
CVE-2002-0322
Yahoo! Messenger 4.0 sends user passwords in cleartext, which could allow remote malicious users to gain privileges of other users via sniffing.
Yahoo Messenger 4.0
9.3
CVSSv2
CVE-2007-4391
Heap-based buffer overflow in Kakadu kdu_v32m.dll in Yahoo! Messenger 8.1.0.413 allows remote malicious users to cause a denial of service (application crash) via a certain length field in JPEG2000 data, as demonstrated by sending an "invite to view my webcam" request, ...
Yahoo Messenger 8.1.0.413
2 EDB exploits
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »