CVE-2005-0737

Yahoo! Messenger - Buffer Overflow via Offline Mode

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2005-0737. PoCs published by Mehrtash Mallahzadeh.

AI-analyzed exploit summary The provided text describes a remote buffer overflow vulnerability in Yahoo! Messenger (CVE-2005-0737) due to insecure handling of user-supplied input. The details are sparse, but it suggests arbitrary code execution is possible if the attacker is in the victim's contact list.

Description

Buffer overflow in Yahoo! Messenger allows remote attackers to execute arbitrary code via the offline mode.

Exploits (1)

exploitdb WRITEUP VERIFIED
by Mehrtash Mallahzadeh · textremotewindows
https://www.exploit-db.com/exploits/25196

The provided text describes a remote buffer overflow vulnerability in Yahoo! Messenger (CVE-2005-0737) due to insecure handling of user-supplied input. The details are sparse, but it suggests arbitrary code execution is possible if the attacker is in the victim's contact list.

Classification
Writeup 80%
Attack Type
Rce
Complexity
Moderate
Reliability
Theoretical
Target: Yahoo! Messenger (version unspecified)
Auth required
Prerequisites: Attacker must be in the victim's contact list
mistral-large-3 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2
Core References
Mailing List mailing-list x_refsource_fulldisc
http://seclists.org/lists/fulldisclosure/2005/Mar/0284.html
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/12750

Scores

EPSS 0.0407
EPSS Percentile 89.5%

Details

Status published
Products (17)
yahoo/messenger 4.0
yahoo/messenger 5.0
yahoo/messenger 5.0.1046
yahoo/messenger 5.0.1065
yahoo/messenger 5.0.1232
yahoo/messenger 5.5
yahoo/messenger 5.5.1249
yahoo/messenger 5.6
yahoo/messenger 5.6.0.1347
yahoo/messenger 5.6.0.1351
... and 7 more
Published May 02, 2005
Tracked Since Feb 18, 2026