Denial of Service Vulnerability in Yahoo! Messenger 7.5 and 7.0
CVE-2006-3298

Currently unrated

Key Information:

Vendor: Yahoo
Status: Messenger
Vendor: CVE Published:; 29 June 2006

What is CVE-2006-3298?

Yahoo! Messenger versions 7.5.0.814 and 7.0.438 are susceptible to a denial of service vulnerability that can be exploited by remote attackers. By sending specially crafted messages containing non-ASCII characters, an attacker can trigger a crash in the jscript.dll component of the application, effectively rendering the software unusable. This vulnerability poses a significant risk to users as it could lead to service interruptions and disruptions in communication.

References

http://www.security.nnov.ru/Gnews281.html

x_refsource_MISC

http://www.securityfocus.com/bid/18622

vdb-entryx_refsource_BID

http://secunia.com/advisories/20773

third-party-advisoryx_refsource_SECUNIA

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 29, 2006
Vulnerability Reserved
Jun 28, 2006

CVE-2006-3298 Data

JSON