CVSS: 9.3EPSS: 7%CPEs: 7EXPL: 0CVE-2006-6603
https://notcve.org/view.php?id=CVE-2006-6603
Buffer overflow in the YMMAPI.YMailAttach ActiveX control (ymmapi.dll) before 2005.1.1.4 in Yahoo! Messenger allows remote attackers to execute arbitrary code via a crafted HTML document. NOTE: some details were obtained from third party information. Desbordamiento de búfer en el controlador YMMAPI.YMailAttach ActiveX (ymmapi.dll) anterior a 2005.1.1.4 en Yahoo! Messenger permote a un atacante remoto ejecutar código de su elección a través de un documento HTML manipulado. NOTA: algunos de estos detalles se han obtenido de información de terceros. • http://messenger.yahoo.com/security_update.php?id=120806 http://secunia.com/advisories/23401 http://securitytracker.com/id?1017387 http://www.kb.cert.org/vuls/id/901852 http://www.securityfocus.com/bid/21607 http://www.vupen.com/english/advisories/2006/5016 •
CVSS: 7.5EPSS: 8%CPEs: 1EXPL: 0CVE-2004-0043
https://notcve.org/view.php?id=CVE-2004-0043
Buffer overflow in Yahoo Instant Messenger 5.6.0.1351 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long filename in the download feature. Desbordamiento de búfer en Yahoo Instant Messenger 5.6.0.1351 y anteriores permite que atacantes remotos provoquen una denegación de servicio (caída) y posiblemente ejecuten código arbitrario mediante un nombre de fichero largo en la opción de descarga. • http://lists.grok.org.uk/pipermail/full-disclosure/2004-January/015334.html http://marc.info/?l=bugtraq&m=107357996802255&w=2 http://secunia.com/advisories/10573 http://www.osvdb.org/3437 http://www.securityfocus.com/bid/9383 http://www.securitytracker.com/id?1008651 https://exchange.xforce.ibmcloud.com/vulnerabilities/14171 •