HTML-injection vulnerability in Yahoo! Messenger

vendor:

Yahoo! Messenger

by:

Unknown

7.5

CVSS

HIGH

HTML-injection

CWE

Product Name: Yahoo! Messenger

Affected Version From: Versions prior to 2.1.0.29

Affected Version To:

Patch Exists: YES

Related CWE:

CPE:

Metasploit:

Other Scripts:

Platforms Tested:

Unknown

HTML-injection vulnerability in Yahoo! Messenger

An attacker can inject arbitrary script code in the context of a victim's Internet Explorer temporary folder using Yahoo! Messenger. This can lead to information theft and other attacks.

Mitigation:

Upgrade to version 2.1.0.29 or later.

Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/22269/info

Yahoo! Messenger is prone to an HTML-injection vulnerability because the application fails to properly sanitize user-supplied input.

An attacker may leverage this issue to execute arbitrary script code in the context of a victim's Internet Explorer temporary folder. This may help the attacker steal information and launch other attacks.

Versions prior to 2.1.0.29 are vulnerable to this issue. 

1. Firstname: example example example example ? ( as long as victim cant see the lastname)
2. Lastname: <img src="javascript:alert('Executed from ' + top.location)" >
3. Request to add victim ID to your contact list.
4. Once victim accepts your request, send him a message and change your online status (Available -> Invisible)