Home/Product/yahoo messenger
Product

yahoo messenger

43 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2023-30097
all versions
A stored cross-site scripting (XSS) vulnerability in TotalJS messenger commit b6cf1c9 allows attackers to execute arbitrary web sc
5.4MEDIUM
 CVE-2023-30096
all versions
A stored cross-site scripting (XSS) vulnerability in TotalJS messenger commit b6cf1c9 allows attackers to execute arbitrary web sc
5.4MEDIUM
 CVE-2023-30095
all versions
A stored cross-site scripting (XSS) vulnerability in TotalJS messenger commit b6cf1c9 allows attackers to execute arbitrary web sc
5.4MEDIUM
 CVE-2022-41708
all versions
Relatedcode's Messenger version 7bcd20b allows an authenticated external attacker to access existing chats in the workspaces of an
4.3MEDIUM
 CVE-2022-41707
all versions
Relatedcode's Messenger version 7bcd20b allows an authenticated external attacker to access sensitive data of any user of the appl
6.5MEDIUM
 CVE-2020-20093
<= 228.1.0.10.116
The Facebook Messenger app for iOS 227.0 and prior and Android 228.1.0.10.116 and prior user interface does not properly represent
6.5MEDIUM
 CVE-2020-17476
< 3.2.7
Mibew Messenger before 3.2.7 allows XSS via a crafted user name.
6.1MEDIUM
 CVE-2014-8688
all versions
An issue was discovered in Telegram Messenger 2.6 for iOS and 1.8.2 for Android. Secret chat messages are available in cleartext i
7.5HIGH
 CVE-2014-7216
<= 11.5.0.228
Multiple stack-based buffer overflows in Yahoo! Messenger 11.5.0.228 and earlier allow remote attackers to cause a denial of servi
 CVE-2013-1085
<= 2.1
Stack-based buffer overflow in the nim: protocol handler in Novell GroupWise Messenger 2.04 and earlier, and Novell Messenger 2.1.
 CVE-2012-0268
<= 11.5.0.152
Integer overflow in the CYImage::LoadJPG method in YImage.dll in Yahoo! Messenger before 11.5.0.155, when photo sharing is enabled
 CVE-2011-3179
all versions
The server process in Novell Messenger 2.1 and 2.2.x before 2.2.1, and Novell GroupWise Messenger 2.04 and earlier, allows remote
 CVE-2009-4171
all versions
An ActiveX control in YahooBridgeLib.dll for Yahoo! Messenger 9.0.0.2162, and possibly other 9.0 versions, allows remote attackers
 CVE-2007-5017
all versions
Absolute path traversal vulnerability in a certain ActiveX control in the CYFT object in ft60.dll in Yahoo! Messenger 8.1.0.421 al
 CVE-2007-4635
all versions
Yahoo! Messenger 8.1.0.209 and 8.1.0.402 allows remote attackers to cause a denial of service (application crash) via certain file
 CVE-2007-4515
<= 8.1.0.413
Buffer overflow in a certain ActiveX control in YVerInfo.dll before 2007.8.27.1 in the Yahoo! services suite for Yahoo! Messenger
 CVE-2007-4391
all versions
Heap-based buffer overflow in Kakadu kdu_v32m.dll in Yahoo! Messenger 8.1.0.413 allows remote attackers to cause a denial of servi
 CVE-2007-3928
all versions
Buffer overflow in Yahoo! Messenger 8.1 allows user-assisted remote authenticated users to execute arbitrary code via a long e-mai
 CVE-2007-3638
all versions
Buffer overflow in Yahoo! Messenger 8.1 allows user-assisted remote authenticated users, who are listed in an address book, to exe
 CVE-2007-3148
all versions
Buffer overflow in the Yahoo! Webcam Viewer ActiveX control in ywcvwr.dll 2.0.1.4 for Yahoo! Messenger 8.1.0.249 allows remote att
 CVE-2007-3147
all versions
Buffer overflow in the Yahoo! Webcam Upload ActiveX control in ywcupl.dll 2.0.1.4 for Yahoo! Messenger 8.1.0.249 allows remote att
 CVE-2007-1680
all versions
Stack-based buffer overflow in the createAndJoinConference function in the AudioConf ActiveX control (yacscom.dll) in Yahoo! Messe
 CVE-2007-0868
all versions
Unspecified vulnerability in the Chat Room functionality in Yahoo! Messenger 8.1.0.239 and earlier allows remote attackers to caus
 CVE-2007-0768
<= 8.1.0.209
Multiple cross-site scripting (XSS) vulnerabilities in the Contact Details functionality in Yahoo! Messenger 8.1.0.209 and earlier
 CVE-2006-6603
<= 8.0
Buffer overflow in the YMMAPI.YMailAttach ActiveX control (ymmapi.dll) before 2005.1.1.4 in Yahoo! Messenger allows remote attacke
 CVE-2006-5563
all versions
Unspecified vulnerability in Yahoo! Messenger (Service 18) before 8.1.0.195 allows remote attackers to cause a denial of service (
 CVE-2006-4975
all versions
Yahoo! Messenger for WAP permits saving messages that contain JavaScript, which allows user-assisted remote attackers to inject ar
 CVE-2006-3298
all versions
Yahoo! Messenger 7.5.0.814 and 7.0.438 allows remote attackers to cause a denial of service (crash) via messages that contain non-
 CVE-2005-1671
all versions
The Logfile feature in Yahoo! Messenger 5.x through 6.0 can be activated by a YMSGR: URL and writes all output to a single ypager.
 CVE-2005-1618
all versions
The YMSGR URL handler in Yahoo! Messenger 5.x through 6.0 allows remote attackers to cause a denial of service (disconnect) via a
 CVE-2005-0737
all versions
Buffer overflow in Yahoo! Messenger allows remote attackers to execute arbitrary code via the offline mode.
 CVE-2005-0242
all versions
The Audio Setup Wizard (asw.dll) in Yahoo! Messenger 6.0.0.1750, and possibly other versions, allows attackers to arbitrary code b
 CVE-2005-0243
all versions
Yahoo! Messenger 6.0.0.1750, and possibly other versions before 6.0.0.1921, does not properly display long filenames in file dialo
 CVE-2004-0043
<= 5.6.0.1351
Buffer overflow in Yahoo Instant Messenger 5.6.0.1351 and earlier allows remote attackers to cause a denial of service (crash) and
 CVE-2003-1135
all versions
Buffer overflow in Yahoo! Messenger 5.6 allows remote attackers to cause a denial of service (crash) via a file send request (send
 CVE-2002-2361
all versions
The installer in Yahoo! Messenger 4.0, 5.0 and 5.5 does not verify package signatures which could allow remote attackers to instal
 CVE-2002-1665
all versions
Buffer overflow in Yahoo! Messenger before February 2002 allows remote attackers to cause a denial of service (crash) and possibly
 CVE-2002-1664
all versions
Yahoo! Messenger before February 2002 allows remote attackers to add arbitrary users to another user's buddy list and possibly obt
 CVE-2002-0032
all versions
Yahoo! Messenger 5,0,0,1064 and earlier allows remote attackers to execute arbitrary script as other users via the addview paramet
 CVE-2002-0031
all versions
Buffer overflows in Yahoo! Messenger 5,0,0,1064 and earlier allows remote attackers to execute arbitrary code via a ymsgr URI with
 CVE-2002-0322
all versions
Yahoo! Messenger 4.0 sends user passwords in cleartext, which could allow remote attackers to gain privileges of other users via s
 CVE-2002-0321
all versions
Yahoo! Messenger 5.0 allows remote attackers to spoof other users by modifying the username and using the spoofed username for soc
 CVE-2002-0320
all versions
Buffer overflow in Yahoo! Messenger 5.0 allows remote attackers to cause a denial of service and possibly execute arbitrary code v
SOC and Response
CVE triage
Stack monitoring
Am I affected
IOC triage
KEV catalog
Daily brief
Change tracking
Detection Engineering
Coverage workspace
Detection coverage
Coverage check
Telemetry ceiling
SIEM query builder
Sigma rules
SIEM rules
YARA rules
Network rules
D3FEND
Threat Hunting
Threat actors
ATT&CK techniques
Attack paths
Indicators
Atomic tests
Red Team and Pentest
Exploitability triage
Recon pack
Attack paths
CAPEC patterns
Adversary emulation
Compliance and GRC
Framework mapping
Control assessment
Audit view
Coverage report
Atlas Search Threat actors Techniques Tools & malware CWE CAPEC KEV catalog Package vulns TAXII feed Data sources
About All capabilities Pricing API docs Live statistics Live status Privacy policy Terms of service
threatengine.sh