Filename Display Vulnerability in Yahoo! Messenger
CVE-2005-0243

Currently unrated

Key Information:

Vendor: Yahoo
Status: Messenger
Vendor: CVE Published:; 17 February 2005

What is CVE-2005-0243?

A vulnerability in Yahoo! Messenger allows attackers to exploit improper handling of long filenames in file dialog boxes. This security flaw could enable remote attackers to mislead users into downloading and executing potentially harmful programs using cleverly crafted filenames that contain excessive spaces and multiple extensions. The issue is present in Yahoo! Messenger version 6.0.0.1750 and possibly earlier versions, raising significant concerns about user safety in file transfers.

References

http://secunia.com/advisories/13712

third-party-advisoryx_refsource_SECUNIA

http://secunia.com/secunia_research/2005-2/advisory/

x_refsource_MISC

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 17, 2005
Vulnerability Reserved
Feb 8, 2005

CVE-2005-0243 Data

JSON