Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
yahoo vulnerabilities and exploits
(subscribe to this query)
605
VMScore
CVE-2007-6535
Buffer overflow in the YShortcut ActiveX control in YShortcut.dll 2006.8.15.1 in Yahoo! Toolbar might allow malicious users to execute arbitrary code via a long string to the IsTaggedBM method.
Yahoo Toolbar
231
VMScore
CVE-2006-4975
Yahoo! Messenger for WAP permits saving messages that contain JavaScript, which allows user-assisted remote malicious users to inject arbitrary web script or HTML via a URL at the online service.
Yahoo Messenger
435
VMScore
CVE-2007-0768
Multiple cross-site scripting (XSS) vulnerabilities in the Contact Details functionality in Yahoo! Messenger 8.1.0.209 and previous versions allow user-assisted remote malicious users to inject arbitrary web script or HTML via a javascript: URI in the SRC attribute of an IMG elem...
Yahoo Messenger
1 EDB exploit
829
VMScore
CVE-2014-7216
Multiple stack-based buffer overflows in Yahoo! Messenger 11.5.0.228 and previous versions allow remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via the (1) shortcut or (2) title keys in an emoticons.xml file.
Yahoo Messenger
1 Article
940
VMScore
CVE-2007-4391
Heap-based buffer overflow in Kakadu kdu_v32m.dll in Yahoo! Messenger 8.1.0.413 allows remote malicious users to cause a denial of service (application crash) via a certain length field in JPEG2000 data, as demonstrated by sending an "invite to view my webcam" request, ...
Yahoo Messenger 8.1.0.413
2 EDB exploits
505
VMScore
CVE-2007-5017
Absolute path traversal vulnerability in a certain ActiveX control in the CYFT object in ft60.dll in Yahoo! Messenger 8.1.0.421 allows remote malicious users to force a download, and create or overwrite arbitrary files via a full pathname in the second argument to the GetFile met...
Yahoo Messenger 8.1.0.421
1 EDB exploit
676
VMScore
CVE-2007-3928
Buffer overflow in Yahoo! Messenger 8.1 allows user-assisted remote authenticated users to execute arbitrary code via a long e-mail address in an address book entry. NOTE: this might overlap CVE-2007-3638.
Yahoo Messenger 8.1
440
VMScore
CVE-2009-4171
An ActiveX control in YahooBridgeLib.dll for Yahoo! Messenger 9.0.0.2162, and possibly other 9.0 versions, allows remote malicious users to cause a denial of service (NULL pointer dereference and application crash) by calling the RegisterMe method with a long argument.
Yahoo Messenger 9.0.0.2162
2 EDB exploits
605
VMScore
CVE-2007-3638
Buffer overflow in Yahoo! Messenger 8.1 allows user-assisted remote authenticated users, who are listed in an address book, to execute arbitrary code via unspecified vectors, aka ZD-00000005. NOTE: this information is based upon a vague advisory by a vulnerability information sal...
Yahoo Messenger 8.1
1 EDB exploit
570
VMScore
CVE-2002-1664
Yahoo! Messenger before February 2002 allows remote malicious users to add arbitrary users to another user's buddy list and possibly obtain sensitive information.
Yahoo Messenger 5.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »