Yahoo! Messenger Notification Message HTML Injection Vulnerability

Bugtraq ID: 22269
Class: Input Validation Error
CVE:
Remote: Yes
Local: No
Published: Jan 26 2007 12:00AM
Updated: Jan 29 2007 06:58PM
Credit: Hai Nam Luke is credited with the discovery of this vulnerability.
Vulnerable: Yahoo! Messenger 8.0
Yahoo! Messenger 7.5 .814
Yahoo! Messenger 7.0 .438
Yahoo! Messenger 6.0 .0.1921
Yahoo! Messenger 6.0 .0.1750
Yahoo! Messenger 6.0 .0.1643
Yahoo! Messenger 6.0
Yahoo! Messenger 5.6 .0.1358
Yahoo! Messenger 5.6 .0.1356
Yahoo! Messenger 5.6 .0.1355
Yahoo! Messenger 5.6 .0.1351
Yahoo! Messenger 5.6 .0.1347
Yahoo! Messenger 5.6
Yahoo! Messenger 5.5 .1249
Yahoo! Messenger 5.5
Yahoo! Messenger 5.0 .1232
Yahoo! Messenger 5.0 .1065
Yahoo! Messenger 5.0 .1046
Yahoo! Messenger 5.0
- Microsoft Windows 2000 Professional SP2
- Microsoft Windows 2000 Professional SP1
- Microsoft Windows 2000 Professional
- Microsoft Windows 95
- Microsoft Windows 98
- Microsoft Windows ME
- Microsoft Windows NT Workstation 4.0 SP6a
- Microsoft Windows NT Workstation 4.0 SP5
- Microsoft Windows NT Workstation 4.0 SP4
- Microsoft Windows NT Workstation 4.0 SP3
- Microsoft Windows NT Workstation 4.0 SP2
- Microsoft Windows NT Workstation 4.0 SP1
- Microsoft Windows NT Workstation 4.0
- Microsoft Windows XP Home
Yahoo! Messenger 4.0
- Microsoft Windows 2000 Professional SP2
- Microsoft Windows 2000 Professional SP1
- Microsoft Windows 2000 Professional
- Microsoft Windows 95
- Microsoft Windows 98
- Microsoft Windows ME
- Microsoft Windows NT Workstation 4.0 SP6a
- Microsoft Windows NT Workstation 4.0 SP6
- Microsoft Windows NT Workstation 4.0 SP5
- Microsoft Windows NT Workstation 4.0 SP4
- Microsoft Windows NT Workstation 4.0 SP3
- Microsoft Windows NT Workstation 4.0 SP2
- Microsoft Windows NT Workstation 4.0 SP1
- Microsoft Windows NT Workstation 4.0
- Microsoft Windows XP Home
Yahoo! Messenger 8.1.0.29
Yahoo! Messenger 8.1.0.209
Yahoo! Messenger 8.0.0.863
Yahoo! Messenger 8.0 2005.1.1.4
Yahoo! Instant Messenger 3.5
- Microsoft Windows 2000 Professional
- Microsoft Windows 95
- Microsoft Windows 98
- Microsoft Windows NT 4.0
Yahoo! Instant Messenger build 734
Yahoo! Instant Messenger build 733
Not Vulnerable:


 

Privacy Statement
Copyright 2010, SecurityFocus