CVE-2007-3928

Yahoo! Messenger 8.1 - Authenticated Buffer Overflow via Long Email Address in Address Book Entry

Title source: llm
STIX 2.1

Description

Buffer overflow in Yahoo! Messenger 8.1 allows user-assisted remote authenticated users to execute arbitrary code via a long e-mail address in an address book entry. NOTE: this might overlap CVE-2007-3638.

References (7)

Core 7
Core References
Patch, Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/26066
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/24926
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id?1018398
Third Party Advisory third-party-advisory x_refsource_sreason
http://securityreason.com/securityalert/2906
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/35434
Mailing List mailing-list x_refsource_fulldisc
http://lists.grok.org.uk/pipermail/full-disclosure/2007-July/064669.html

Scores

EPSS 0.0566
EPSS Percentile 92.1%

Details

CWE
CWE-119
Status published
Products (1)
yahoo/messenger 8.1
Published Jul 21, 2007
Tracked Since Feb 18, 2026