CVE-2005-1618

Published: May 16, 2005Modified: Apr 16, 2026

5.0

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:P

Exploitability: 10.0 / Impact: 2.9

Source: NVD

Description

The YMSGR URL handler in Yahoo! Messenger 5.x through 6.0 allows remote attackers to cause a denial of service (disconnect) via a room login or a room join request packet with a third : (colon) and an & (ampersand), which causes Messenger to send a corrupted packet to the server, which triggers a disconnect from the server.

Affected (3)

Products: Yahoo: Messenger

1 product

Configuration A

3 vulnerable

Vulnerable Software	Affected Versions
Yahoo Messenger	Version 5.5
Yahoo Messenger	Version 5.6
Yahoo Messenger	Version 6.0

References (6)

http://marc.info/?l=bugtraq&m=111601904204055&w=2

Source: cve@mitre.org

http://www.osvdb.org/16816

Source: cve@mitre.org

http://www.securityfocus.com/bid/13626

Source: cve@mitre.org

http://marc.info/?l=bugtraq&m=111601904204055&w=2

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.osvdb.org/16816

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/13626

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.