CVSS: 9.8EPSS: 3%CPEs: 1EXPL: 0CVE-2004-0043
https://notcve.org/view.php?id=CVE-2004-0043
14 Jan 2004 — Buffer overflow in Yahoo Instant Messenger 5.6.0.1351 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long filename in the download feature. Desbordamiento de búfer en Yahoo Instant Messenger 5.6.0.1351 y anteriores permite que atacantes remotos provoquen una denegación de servicio (caída) y posiblemente ejecuten código arbitrario mediante un nombre de fichero largo en la opción de descarga. • http://lists.grok.org.uk/pipermail/full-disclosure/2004-January/015334.html •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2002-2361
https://notcve.org/view.php?id=CVE-2002-2361
31 Dec 2002 — The installer in Yahoo! Messenger 4.0, 5.0 and 5.5 does not verify package signatures which could allow remote attackers to install trojan programs via DNS spoofing. • http://cert.uni-stuttgart.de/archive/bugtraq/2002/08/msg00384.html • CWE-264: Permissions, Privileges, and Access Controls •