Vulnerability Description
Buffer overflow in Yahoo! Messenger 8.1 allows user-assisted remote authenticated users, who are listed in an address book, to execute arbitrary code via unspecified vectors, aka ZD-00000005. NOTE: this information is based upon a vague advisory by a vulnerability information sales organization that does not coordinate with vendors or release actionable advisories. A CVE has been assigned for tracking purposes, but duplicates with other CVEs are difficult to determine.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Yahoo | Messenger | 8.1 |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/24784
- http://www.wslabi.com/wabisabilabi/initPublishedBid.do?
- http://www.securityfocus.com/bid/24784
- http://www.wslabi.com/wabisabilabi/initPublishedBid.do?
FAQ
What is CVE-2007-3638?
CVE-2007-3638 is a vulnerability with a CVSS score of 6.0 (MEDIUM). Buffer overflow in Yahoo! Messenger 8.1 allows user-assisted remote authenticated users, who are listed in an address book, to execute arbitrary code via unspecified vectors, aka ZD-00000005. NOTE: t...
How severe is CVE-2007-3638?
CVE-2007-3638 has been rated MEDIUM with a CVSS base score of 6.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-3638?
Check the references section above for vendor advisories and patch information. Affected products include: Yahoo Messenger.