Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-0243

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2005-0243
Last Modified 05 Sep 2008 04:45:44
Published 17 Feb 2005 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-0243

Summary

Yahoo! Messenger 6.0.0.1750, and possibly other versions before 6.0.0.1921, does not properly display long filenames in file dialog boxes, which could allow remote attackers to trick users into downloading and executing programs via file names containing a large number of spaces and multiple file extensions.

Vulnerable Systems

Application

  • Yahoo Messenger 5.5

  • Yahoo Messenger 5.6

  • Yahoo Messenger 5.6.0.1351

  • Yahoo Messenger 6.0

  • Yahoo Messenger 6.0.0.1750


References

MISC - http://secunia.com/secunia_research/2005-2/advisory/

SECUNIA - 13712


Last Updated: 27 May 2016 10:39:44