1. Home
  2. CVE Database
  3. CVE-2005-1671
LOW · 2.1

CVE-2005-1671

The Logfile feature in Yahoo! Messenger 5.x through 6.0 can be activated by a YMSGR: URL and writes all output to a single ypager.log file, even when there are multiple users, and does not properly wa...

Vulnerability Description

The Logfile feature in Yahoo! Messenger 5.x through 6.0 can be activated by a YMSGR: URL and writes all output to a single ypager.log file, even when there are multiple users, and does not properly warn later users that the feature has been enabled, which allows local users to obtain sensitive information from other users.

CVSS Score

2.1

LOW

AV:L/AC:L/Au:N/C:P/I:N/A:N
Confidentiality
PARTIAL
Integrity
NONE
Availability
NONE

Affected Products

VendorProductVersions
YahooMessenger5.5

References

FAQ

What is CVE-2005-1671?

CVE-2005-1671 is a vulnerability with a CVSS score of 2.1 (LOW). The Logfile feature in Yahoo! Messenger 5.x through 6.0 can be activated by a YMSGR: URL and writes all output to a single ypager.log file, even when there are multiple users, and does not properly wa...

How severe is CVE-2005-1671?

CVE-2005-1671 has been rated LOW with a CVSS base score of 2.1/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2005-1671?

Check the references section above for vendor advisories and patch information. Affected products include: Yahoo Messenger.