CVE-2002-0031

Yahoo! Messenger 5.0.0.1064 - Remote Code Execution via Long YMSGR URI Arguments

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 2 public exploits for CVE-2002-0031. PoCs published by Rave, bob.

AI-analyzed exploit summary This exploit targets a buffer overflow vulnerability in Yahoo Messenger 5.5 on Windows XP. It crafts a malicious HTML file served via a local web server, which triggers the overflow when the victim opens it, leading to arbitrary code execution (cmd.exe).

Description

Buffer overflows in Yahoo! Messenger 5,0,0,1064 and earlier allows remote attackers to execute arbitrary code via a ymsgr URI with long arguments to (1) call, (2) sendim, (3) getimv, (4) chat, (5) addview, or (6) addfriend.

Exploits (2)

exploitdb WORKING POC VERIFIED
by Rave · cremotewindows
https://www.exploit-db.com/exploits/45

This exploit targets a buffer overflow vulnerability in Yahoo Messenger 5.5 on Windows XP. It crafts a malicious HTML file served via a local web server, which triggers the overflow when the victim opens it, leading to arbitrary code execution (cmd.exe).

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Yahoo Messenger 5.5 on Windows XP
No auth needed
Prerequisites: Victim must open the malicious HTML file served by the attacker's web server · Yahoo Messenger 5.5 must be installed on Windows XP
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WORKING POC VERIFIED
by bob · cremotewindows
https://www.exploit-db.com/exploits/21484

This exploit leverages a stack-based buffer overflow in Yahoo! Messenger's 'ymsgr:' URI handler via the 'call' parameter. It crafts a malicious HTML file that, when viewed, triggers arbitrary code execution through shellcode.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Yahoo! Messenger 5.5.0.1246
No auth needed
Prerequisites: Victim must open the malicious HTML file · Yahoo! Messenger 5.5 must be installed
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4
Core References
Patch, Vendor Advisory vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/4837
Patch, Third Party Advisory, US Government Resource third-party-advisory x_refsource_cert
http://www.cert.org/advisories/CA-2002-16.html
US Government Resource third-party-advisory x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/137115
Vendor Advisory mailing-list x_refsource_bugtraq
http://online.securityfocus.com/archive/1/274223

Scores

EPSS 0.0494
EPSS Percentile 91.0%

Details

Status published
Products (1)
yahoo/messenger 5.0
Published Jul 26, 2002
Tracked Since Feb 18, 2026