PT-2007-5148 · Yahoo · Yahoo! Messenger

Rajesh Sethumadhavan

Published

2007-07-21

Updated

2017-07-29

CVE-2007-3928

CVSS v2.0

7.6

High

Vector

AV:N/AC:H/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions: Yahoo! Messenger version 8.1

Description: A buffer overflow issue allows user-assisted remote authenticated users to execute arbitrary code via a long e-mail address in an address book entry.

Recommendations: For Yahoo! Messenger version 8.1, avoid using long e-mail addresses in address book entries until a fix is available. As a temporary workaround, consider restricting the length of e-mail addresses in address book entries to prevent potential exploitation.

Fix

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-119

Related Identifiers

CVE-2007-3928

Affected Products

Yahoo! Messenger

PT-2007-5148 · Yahoo · Yahoo! Messenger

CVE-2007-3928

Weakness Enumeration

Related Identifiers

Affected Products

References · 8