CVE-2002-0031

Published: 26/07/2002 Updated: 05/09/2008

CVSS v2 Base Score: 4.6 | Impact Score: 6.4 | Exploitability Score: 3.9

VMScore: 470

Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P

Buffer overflows in Yahoo! Messenger 5,0,0,1064 and previous versions allows remote malicious users to execute arbitrary code via a ymsgr URI with long arguments to (1) call, (2) sendim, (3) getimv, (4) chat, (5) addview, or (6) addfriend.

Vulnerable Product	Search on Vulmon	Subscribe to Product
yahoo messenger 5.0

source: wwwsecurityfocuscom/bid/4837/info Yahoo! Messenger configures the 'ymsgr:' URI handler when it is installed The handler invokes YPAGEREXE with the supplied parameters YPAGEREXE accepts the 'call' argument; it is used for starting the 'Call Center' feature There is a stack overrun condition in the 'Call Center' component that ...

/* * * ---[ Remote yahoo Messenger V55 exploiter on Windows XP ]--- * * Dtors Security Research (DSR) * Code by: Rave * * The buffer looks like this * * |-<-<-<--| * <Fillup x offset><JMP 0x3><EIP><NOPS><SHELLCODE> * ^__________^ * * */ #include <windowsh> #include <stdioh> #include <stdl ...

NVD-CWE-Other http://online.securityfocus.com/archive/1/274223 http://www.cert.org/advisories/CA-2002-16.html http://www.securityfocus.com/bid/4837 http://www.kb.cert.org/vuls/id/137115 https://nvd.nist.gov https://www.exploit-db.com/exploits/21484/https://www.kb.cert.org/vuls/id/137115

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2002-0031

Vulnerability Summary

Vulnerability Trend

Exploits

References

Vulmon Search

About

Products

Connect