Yahoo! Messenger Remote Buffer Overflow Vulnerability

vendor:

Messenger

by:

SecurityFocus

7.5

CVSS

HIGH

Buffer Overflow

120

CWE

Product Name: Messenger

Affected Version From: N/A

Affected Version To: N/A

Patch Exists: No

Related CWE: N/A

CPE: N/A

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2005

Yahoo! Messenger Remote Buffer Overflow Vulnerability

It has been reported that a remote buffer overflow vulnerability affects Yahoo! Messenger. This issue is due to a failure of the application to securely copy user-supplied input into finite process buffers. It is likely that the attacker must be in the contact list of an unsuspecting user to exploit this issue. An attacker may leverage this issue to execute arbitrary code in the context of an unsuspecting user running a vulnerable version of the affected application.

Mitigation:

No known mitigation

Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/12750/info

It has been reported that a remote buffer overflow vulnerability affects Yahoo! Messenger. This issue is due to a failure of the application to securely copy user-supplied input into finite process buffers.

It is likely that the attacker must be in the contact list of an unsuspecting user to exploit this issue. It should be noted that the details surrounding this issue are not clear; this BID will be updated as more details are released.

An attacker may leverage this issue to execute arbitrary code in the context of an unsuspecting user running a vulnerable version of the affected application. 

https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/25196.zip