GCVE - cpe:2.3:a:yahoo:messenger:8.0.1:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:yahoo:messenger:8.0.1:*:*:*:*:*:*:*

part: a version: 8.0.1 update: *

Vendor	Yahoo (`0dc01c4f-a37d-56de-8e72-74e1c6cb3fab`)
Product	Messenger (`a48c261f-e43a-5937-a657-6b9f53c3f699`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2012-0268`	vulnerable	2026-06-03 14:31:35.191811	Details available Integer overflow in the CYImage::LoadJPG method in YImage.dll in Yahoo! Messenger before 11.5.0.155, when photo sharing is enabled, might allow remote attackers to execute arbitrary code via a crafted JPG image that triggers a heap-based buffer overflow. Published: 2012-01-19T15:00:00.000Z Updated: 2024-09-17T01:46:26.816Z Open on db.gcve.eu Reference links http://secunia.com/advisories/47041	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2007-3148`	vulnerable	2026-06-03 14:28:15.249585	Details available Buffer overflow in the Yahoo! Webcam Viewer ActiveX control in ywcvwr.dll 2.0.1.4 for Yahoo! Messenger 8.1.0.249 allows remote attackers to execute arbitrary code via a long server property value to the receive method. Published: 2007-06-11T18:00:00.000Z Updated: 2024-08-07T14:05:29.296Z Open on db.gcve.eu Reference links https://www.exploit-db.com/exploits/4043 https://exchange.xforce.ibmcloud.com/vulnerabilities/34759 http://osvdb.org/37081 http://research.eeye.com/html/advisories/upcoming/20070605.html http://www.securityfocus.com/bid/24355	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2007-3147`	vulnerable	2026-06-03 14:28:15.247886	Details available Buffer overflow in the Yahoo! Webcam Upload ActiveX control in ywcupl.dll 2.0.1.4 for Yahoo! Messenger 8.1.0.249 allows remote attackers to execute arbitrary code via a long server property value to the send method. NOTE: some of these details are obtained from third party information. Published: 2007-06-11T18:00:00.000Z Updated: 2024-08-07T14:05:28.302Z Open on db.gcve.eu Reference links http://lists.grok.org.uk/pipermail/full-disclosure/2007-June/063817.html https://www.exploit-db.com/exploits/4042 http://www.securityfocus.com/bid/24354 http://research.eeye.com/html/advisories/upcoming/20070605.html http://www.kb.cert.org/vuls/id/949817	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.