The YMSGR URL handler in Yahoo! Messenger 5.x up to and including 6.0 allows remote malicious users to cause a denial of service (disconnect) via a room login or a room join request packet with a third : (colon) and an & (ampersand), which causes Messenger to send a corrupted packet to the server, which triggers a disconnect from the server.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
yahoo messenger 5.6 |
||
yahoo messenger 6.0 |
||
yahoo messenger 5.5 |