messenger software vulnerabilities
vulnerabilities.aspcode.net
Searching messenger software vulnerabilities
Denial of service in AOL Instant Messenger when
potentially
|
malicious
|
Messenger
|
receiving
|
hyperlink
|
attacker
|
causing
|
service
|
Instant
|
client
|
Denial
|
system
|
remote
|
crash
|
sends
|
AOL
|
Denial of service in AOL Instant Messenger when a remote attacker sends a malicious hyperlink to the receiving client, potentially causing a system crash.
Buffer overflow in Yahoo Pager/Messenger client
Pager/Messenger
|
attackers
|
overflow
|
service
|
message
|
within
|
denial
|
Buffer
|
client
|
allows
|
remote
|
cause
|
Yahoo
|
long
|
via
|
URL
|
Buffer overflow in Yahoo Pager/Messenger client allows remote attackers to cause a denial of service via a long URL within a message.
AOL Instant Messenger (AIM) client allows remot
Messenger
|
Instant
|
AOL
|
AOL Instant Messenger (AIM) client allows remote attackers to cause a denial of service via a message with a malformed ASCII value.
The file transfer component of AOL Instant Mess
component
|
Messenger
|
transfer
|
Instant
|
file
|
AOL
|
The file transfer component of AOL Instant Messenger (AIM) reveals the physical path of the transferred file to the remote recipient.
Buffer overflow in AOL Instant Messenger before
Messenger
|
overflow
|
Instant
|
Buffer
|
before
|
AOL
|
Buffer overflow in AOL Instant Messenger before 4.3.2229 allows remote attackers to execute arbitrary commands via a long "goim" command.
Internet Software Solutions Air Messenger LAN S
Solutions
|
Messenger
|
Internet
|
Software
|
Server
|
LAN
|
Air
|
Internet Software Solutions Air Messenger LAN Server (AMLServer) 3.4.2 stores user passwords in plaintext in the pUser.Dat file.
Internet Software Solutions Air Messenger LAN S
Solutions
|
Messenger
|
Internet
|
Software
|
Server
|
LAN
|
Air
|
Internet Software Solutions Air Messenger LAN Server (AMLServer) 3.4.2 allows remote attackers to obtain an absolute path for the server directory by viewing the Location header.
AOL Instant Messenger (AIM) 4.7 allows remote a
Messenger
|
Instant
|
AOL
|
AOL Instant Messenger (AIM) 4.7 allows remote attackers to cause a denial of service (application crash) via a malformed WAV file.
AOL Instant Messenger (AIM) 4.7 allows remote a
Messenger
|
Instant
|
AOL
|
AOL Instant Messenger (AIM) 4.7 allows remote attackers to cause a denial of service (application crash) via a long filename, possibly caused by a buffer overflow.
Yahoo! Messenger 5.0 allows remote attackers to
engineering
|
attackers
|
modifying
|
Messenger
|
username
|
service
|
spoofed
|
social
|
allows
|
remote
|
denial
|
spoof
|
Yahoo
|
other
|
using
|
users
|
Yahoo! Messenger 5.0 allows remote attackers to spoof other users by modifying the username and using the spoofed username for social engineering or denial of service (flooding) attacks.
Yahoo! Messenger 4.0 sends user passwords in cl
privileges
|
passwords
|
cleartext
|
attackers
|
Messenger
|
sniffing
|
remote
|
users
|
other
|
which
|
sends
|
Yahoo
|
could
|
allow
|
gain
|
user
|
via
|
Yahoo! Messenger 4.0 sends user passwords in cleartext, which could allow remote attackers to gain privileges of other users via sniffing.
Yahoo! Messenger before February 2002 allows re
Messenger
|
February
|
before
|
Yahoo
|
Yahoo! Messenger before February 2002 allows remote attackers to add arbitrary users to another user's buddy list and possibly obtain sensitive information.
The Audio Setup Wizard (asw.dll) in Yahoo! Mess
Wizard
|
Setup
|
Audio
|
The Audio Setup Wizard (asw.dll) in Yahoo! Messenger 6.0.0.1750, and possibly other versions, allows attackers to arbitrary code by placing a malicious ping.exe program into the Messenger program directory, which is installed with weak default permissions.
Buffer overflow in Yahoo! Messenger allows remo
Messenger
|
attackers
|
arbitrary
|
overflow
|
execute
|
offline
|
Buffer
|
allows
|
remote
|
Yahoo
|
mode
|
code
|
via
|
Buffer overflow in Yahoo! Messenger allows remote attackers to execute arbitrary code via the offline mode.
The YMSGR URL handler in Yahoo! Messenger 5.x t
Messenger
|
attackers
|
service
|
through
|
handler
|
remote
|
denial
|
allows
|
Yahoo
|
YMSGR
|
cause
|
URL
|
The YMSGR URL handler in Yahoo! Messenger 5.x through 6.0 allows remote attackers to cause a denial of service (disconnect) via a room login or a room join request packet with a third : (colon) and an & (ampersand), which causes Messenger to send a corrupted packet to the server, which triggers a disconnect from the server.
Unknown vulnerability in NateOn Messenger 3.0 a
vulnerability
|
directories
|
attackers
|
arbitrary
|
Messenger
|
Unknown
|
vectors
|
attack
|
NateOn
|
remote
|
allows
|
list
|
via
|
Unknown vulnerability in NateOn Messenger 3.0 allows remote attackers to list arbitrary directories via unknown attack vectors.
The ActiveX control for NateOn Messenger (Nateo
Messenger
|
control
|
ActiveX
|
NateOn
|
The ActiveX control for NateOn Messenger (NateonDownloadManager.ocx) allows remote attackers to download and execute arbitrary programs by setting the arguments to the GotNate.Excute method.
Multiple cross-site scripting (XSS) vulnerabili
cross-site
|
scripting
|
Multiple
|
Multiple cross-site scripting (XSS) vulnerabilities in V3 Chat allow remote attackers to inject arbitrary web script or HTML via crafted HTML tags, as demonstrated by the IMG tag, in the (1) id parameter in (a) mail/index.php and (b) mail/reply.php; (2) login_id parameter in (c) members/is_online.php; (3) site_id parameter in (d) messenger/online.php, (e) messenger/search.php, and (f) messenger/profile.php; (4) contact_name parameter in messenger/search.php; (5) membername parameter in (g) messenger/profileview.php; (6) unspecified parameters used when "editing a profile"; and (7) cust_name parameter in (h) messenger/expire.php. NOTE: The vendor disputes the vectors involving files in the messenger directory, stating "... the referenced folder 'messenger' was never available to the general public...".
Heap-based buffer overflow in Microsoft MSN Mes
user-assisted
|
conversation
|
unspecified
|
Heap-based
|
attackers
|
involving
|
arbitrary
|
Messenger
|
Microsoft
|
overflow
|
handling
|
sessions
|
vectors
|
execute
|
allows
|
remote
|
buffer
|
video
|
Live
|
chat
|
code
|
Cam
|
MSN
|
via
|
Web
|
Heap-based buffer overflow in Microsoft MSN Messenger 6.2, 7.0, and 7.5, and Live Messenger 8.0 allows user-assisted remote attackers to execute arbitrary code via unspecified vectors involving video conversation handling in Web Cam and video chat sessions.
Heap-based buffer overflow in Kakadu kdu_v32m.d
kdu_v32mdll
|
Heap-based
|
Messenger
|
overflow
|
buffer
|
Kakadu
|
Yahoo
|
Heap-based buffer overflow in Kakadu kdu_v32m.dll in Yahoo! Messenger 8.1.0.413 allows remote attackers to cause a denial of service (application crash) via a certain length field in JPEG2000 data, as demonstrated by sending an "invite to view my webcam" request, and then injecting a DLL into the attacker's peer Yahoo! Messenger application when this request is accepted.
Software vulnerabilities results 1 to 20 of 103
Page:
1
2
3
4
5
6
►