Page 6 of 33 results (0.003 seconds)

CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0

Yahoo! Messenger before February 2002 allows remote attackers to add arbitrary users to another user's buddy list and possibly obtain sensitive information. • http://marc.info/?l=bugtraq&m=101439616623230&w=2 http://www.cert.org/advisories/CA-2002-16.html http://www.kb.cert.org/vuls/id/393195 •

CVSS: 5.8EPSS: 0%CPEs: 3EXPL: 0

The installer in Yahoo! Messenger 4.0, 5.0 and 5.5 does not verify package signatures which could allow remote attackers to install trojan programs via DNS spoofing. • http://cert.uni-stuttgart.de/archive/bugtraq/2002/08/msg00384.html http://www.iss.net/security_center/static/9984.php http://www.securityfocus.com/bid/5579 • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 7.5EPSS: 2%CPEs: 1EXPL: 0

Buffer overflow in Yahoo! Messenger before February 2002 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long set_buddygrp field. • http://marc.info/?l=bugtraq&m=101439616623230&w=2 http://www.cert.org/advisories/CA-2002-16.html http://www.kb.cert.org/vuls/id/755755 •

CVSS: 7.5EPSS: 3%CPEs: 1EXPL: 0

Yahoo! Messenger 5,0,0,1064 and earlier allows remote attackers to execute arbitrary script as other users via the addview parameter of a ymsgr URI. • http://online.securityfocus.com/archive/1/274223 http://www.cert.org/advisories/CA-2002-16.html http://www.iss.net/security_center/static/9184.php http://www.kb.cert.org/vuls/id/172315 http://www.securityfocus.com/bid/4838 •

CVSS: 4.6EPSS: 1%CPEs: 1EXPL: 2

Buffer overflows in Yahoo! Messenger 5,0,0,1064 and earlier allows remote attackers to execute arbitrary code via a ymsgr URI with long arguments to (1) call, (2) sendim, (3) getimv, (4) chat, (5) addview, or (6) addfriend. • https://www.exploit-db.com/exploits/45 https://www.exploit-db.com/exploits/21484 http://online.securityfocus.com/archive/1/274223 http://www.cert.org/advisories/CA-2002-16.html http://www.kb.cert.org/vuls/id/137115 http://www.securityfocus.com/bid/4837 •