Page 3 of 35 results (0.012 seconds)

CVSS: 7.6EPSS: 8%CPEs: 1EXPL: 0

CVE-2007-3928

https://notcve.org/view.php?id=CVE-2007-3928

Buffer overflow in Yahoo! Messenger 8.1 allows user-assisted remote authenticated users to execute arbitrary code via a long e-mail address in an address book entry. NOTE: this might overlap CVE-2007-3638. Desbordamiento de búfer en Yahoo! Messenger 8.1 permite a atacantes remotos con la complicidad del usuario ejecutar código de su elección mediante una dirección larga de correo electrónico en una entrada de la libreta de direcciones. NOTA: Esto podría solaparse con CVE-2007-3638. • http://lists.grok.org.uk/pipermail/full-disclosure/2007-July/064669.html http://secunia.com/advisories/26066 http://securityreason.com/securityalert/2906 http://www.securityfocus.com/bid/24926 http://www.securitytracker.com/id?1018398 http://www.xdisclose.com/advisory/XD100002.html https://exchange.xforce.ibmcloud.com/vulnerabilities/35434 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 6.0EPSS: 0%CPEs: 1EXPL: 1

CVE-2007-3638 – Yahoo! Messenger 8.1 - Address Book Remote Buffer Overflow

https://notcve.org/view.php?id=CVE-2007-3638

Buffer overflow in Yahoo! Messenger 8.1 allows user-assisted remote authenticated users, who are listed in an address book, to execute arbitrary code via unspecified vectors, aka ZD-00000005. NOTE: this information is based upon a vague advisory by a vulnerability information sales organization that does not coordinate with vendors or release actionable advisories. A CVE has been assigned for tracking purposes, but duplicates with other CVEs are difficult to determine. Un desbordamiento de búfer en Yahoo! • https://www.exploit-db.com/exploits/30314 http://www.securityfocus.com/bid/24784 http://www.wslabi.com/wabisabilabi/initPublishedBid.do? • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 9.3EPSS: 95%CPEs: 6EXPL: 5

CVE-2007-3147 – Yahoo! Messenger 8.1.0.249 - ActiveX Control Buffer Overflow

https://notcve.org/view.php?id=CVE-2007-3147

Buffer overflow in the Yahoo! Webcam Upload ActiveX control in ywcupl.dll 2.0.1.4 for Yahoo! Messenger 8.1.0.249 allows remote attackers to execute arbitrary code via a long server property value to the send method. NOTE: some of these details are obtained from third party information. Desbordamiento de búfer en el control Yahoo! • https://www.exploit-db.com/exploits/16519 https://www.exploit-db.com/exploits/4042 https://www.exploit-db.com/exploits/4053 http://lists.grok.org.uk/pipermail/full-disclosure/2007-June/063817.html http://messenger.yahoo.com/security_update.php?id=060707 http://research.eeye.com/html/advisories/published/AD20070608.html http://research.eeye.com/html/advisories/upcoming/20070605.html http://secunia.com/advisories/25547 http://securityreason.com/securityalert/2809 http://securitytracker. • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 9.3EPSS: 40%CPEs: 6EXPL: 5

CVE-2007-3148 – Yahoo! Messenger Webcam 8.1 - ActiveX Remote Buffer Overflow

https://notcve.org/view.php?id=CVE-2007-3148

Buffer overflow in the Yahoo! Webcam Viewer ActiveX control in ywcvwr.dll 2.0.1.4 for Yahoo! Messenger 8.1.0.249 allows remote attackers to execute arbitrary code via a long server property value to the receive method. El desbordamiento del búfer en el control ActiveX de Yahoo! Webcam Viewer en ywcvwr.dll versión 2.0.1.4 para Yahoo! • https://www.exploit-db.com/exploits/4043 https://www.exploit-db.com/exploits/4052 http://lists.grok.org.uk/pipermail/full-disclosure/2007-June/063819.html http://messenger.yahoo.com/security_update.php?id=060707 http://osvdb.org/37081 http://research.eeye.com/html/advisories/published/AD20070608.html http://research.eeye.com/html/advisories/upcoming/20070605.html http://secunia.com/advisories/25547 http://securitytracker.com/id?1018204 http://www.kb.cert.org/vuls/id/932217 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 9.3EPSS: 67%CPEs: 5EXPL: 0

CVE-2007-1680 – Yahoo! Messenger AudioConf ActiveX Control Buffer Overflow Vulnerability

https://notcve.org/view.php?id=CVE-2007-1680

Stack-based buffer overflow in the createAndJoinConference function in the AudioConf ActiveX control (yacscom.dll) in Yahoo! Messenger before 20070313 allows remote attackers to execute arbitrary code via long (1) socksHostname and (2) hostname properties. Desbordamiento de búfer en la función createAndJoinConference en el control ActiveX AudioConf (yacscom.dll) en Yahoo! Messenger anterior a 20070313 permite a atacantes remotos ejecutar código de su elección a través de las propiedades (1) socksHostname y (2) hostname. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Yahoo Messenger. • http://messenger.yahoo.com/security_update.php?id=031207 http://osvdb.org/34319 http://secunia.com/advisories/24742 http://securityreason.com/securityalert/2523 http://www.kb.cert.org/vuls/id/388377 http://www.securityfocus.com/archive/1/464607/100/0/threaded http://www.securityfocus.com/bid/23291 http://www.securitytracker.com/id?1017867 http://www.vupen.com/english/advisories/2007/1219 http://www.zerodayinitiative.com/advisories/ZDI-07-012.html https://exchange.xforce. •