CVE-2002-0031

Yahoo Messenger - Buffer Overflow

Title source: rule

Description

Buffer overflows in Yahoo! Messenger 5,0,0,1064 and earlier allows remote attackers to execute arbitrary code via a ymsgr URI with long arguments to (1) call, (2) sendim, (3) getimv, (4) chat, (5) addview, or (6) addfriend.

Exploits (2)

exploitdb WORKING POC VERIFIED

by Rave · cremotewindows

https://www.exploit-db.com/exploits/45

View Code ZIP pw:eip

exploitdb WORKING POC VERIFIED

by bob · cremotewindows

https://www.exploit-db.com/exploits/21484

View Code ZIP pw:eip

References (4)

[Patch, Vendor Advisory] http://www.securityfocus.com/bid/4837

[Patch, Third Party Advisory, US Government Resource] http://www.cert.org/advisories/CA-2002-16.html

[US Government Resource] http://www.kb.cert.org/vuls/id/137115

[Vendor Advisory] http://online.securityfocus.com/archive/1/274223

Scores

EPSS 0.2142

EPSS Percentile 95.7%

Details

Status published

Products (1)

yahoo/messenger 5.0

Published Jul 26, 2002

Tracked Since Feb 18, 2026