SecPod SCAP Repo, a repository of SCAP Content (CVE, CCE, CPE, CWE, OVAL and XCCDF)

Download | Alert*

CVE

CVE-2007-3928

Buffer overflow in Yahoo! Messenger 8.1 allows user-assisted remote authenticated users to execute arbitrary code via a long e-mail address in an address book entry. NOTE: this might overlap CVE-2007-3638.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 7.6
Exploit Score: 4.9
Impact Score: 10.0

CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: HIGH
Authentication: NONE
Confidentiality: COMPLETE
Integrity: COMPLETE
Availability: COMPLETE

Reference:

SECTRACK-1018398

http://lists.grok.org.uk/pipermail/full-disclosure/2007-July/064669.html

BID-24926

SECUNIA-26066

SREASON-2906

http://www.xdisclose.com/advisory/XD100002.html

yahoo-messenger-address-book-bo(35434)


30430



423868



247974



909



194654



282