CVE-2002-0031

Sažetak

Buffer overflows in Yahoo! Messenger 5,0,0,1064 and earlier allows remote attackers to execute arbitrary code via a ymsgr URI with long arguments to (1) call, (2) sendim, (3) getimv, (4) chat, (5) addview, or (6) addfriend.

Reference

http://online.securityfocus.com/archive/1/274223
http://www.cert.org/advisories/CA-2002-16.html
http://www.kb.cert.org/vuls/id/137115
http://www.securityfocus.com/bid/4837

CVSS

Base:	4.6
Impact:	6.4
Exploitability:	3.9

Pristup

Vektor	Složenost	Autentikacija
LOCAL	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:L/AC:L/Au:N/C:P/I:P/A:P

Zadnje važnije ažuriranje

05-09-2008 - 20:26

Objavljeno

26-07-2002 - 04:00