NotCVE - vendor:"Yahoo" product:"Messenger" version:" <= 11.5.0.228"

Page 4 of 37 results (0.001 seconds)

CVSS: 9.8EPSS: 2%CPEs: 1EXPL: 0

CVE-2002-1665

https://notcve.org/view.php?id=CVE-2002-1665

31 Dec 2002 — Buffer overflow in Yahoo! Messenger before February 2002 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long set_buddygrp field. • http://marc.info/?l=bugtraq&m=101439616623230&w=2 •

CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0

CVE-2002-2361

https://notcve.org/view.php?id=CVE-2002-2361

31 Dec 2002 — The installer in Yahoo! Messenger 4.0, 5.0 and 5.5 does not verify package signatures which could allow remote attackers to install trojan programs via DNS spoofing. • http://cert.uni-stuttgart.de/archive/bugtraq/2002/08/msg00384.html • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 0

CVE-2002-0032

https://notcve.org/view.php?id=CVE-2002-0032

26 Jul 2002 — Yahoo! Messenger 5,0,0,1064 and earlier allows remote attackers to execute arbitrary script as other users via the addview parameter of a ymsgr URI. • http://online.securityfocus.com/archive/1/274223 •

CVSS: 9.8EPSS: 9%CPEs: 1EXPL: 2

CVE-2002-0031 – Yahoo Messenger 5.5 - 'DSR-ducky.c' Remote Overflow

https://notcve.org/view.php?id=CVE-2002-0031

11 Jun 2002 — Buffer overflows in Yahoo! Messenger 5,0,0,1064 and earlier allows remote attackers to execute arbitrary code via a ymsgr URI with long arguments to (1) call, (2) sendim, (3) getimv, (4) chat, (5) addview, or (6) addfriend. • https://www.exploit-db.com/exploits/45 •

CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 0

CVE-2002-0322

https://notcve.org/view.php?id=CVE-2002-0322

03 May 2002 — Yahoo! Messenger 4.0 sends user passwords in cleartext, which could allow remote attackers to gain privileges of other users via sniffing. • http://marc.info/?l=bugtraq&m=101466489113920&w=2 •

CVSS: 9.8EPSS: 18%CPEs: 1EXPL: 0

CVE-2002-0320

https://notcve.org/view.php?id=CVE-2002-0320

03 May 2002 — Buffer overflow in Yahoo! Messenger 5.0 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long (1) message or (2) IMvironment field. • http://marc.info/?l=bugtraq&m=101439616623230&w=2 •

CVSS: 9.1EPSS: 3%CPEs: 1EXPL: 0

CVE-2002-0321

https://notcve.org/view.php?id=CVE-2002-0321

03 May 2002 — Yahoo! Messenger 5.0 allows remote attackers to spoof other users by modifying the username and using the spoofed username for social engineering or denial of service (flooding) attacks. • http://marc.info/?l=bugtraq&m=101439616623230&w=2 •

1 2 3 4