Name:
Yahoo.Messenger.File.Transfer.Filename.Spoofing
Released Date:
Nov 26 2006
Severity:
medium
CVE:
2005-0243
Bugtraq:
12587

FortiGuard Center > Vulnerability Encyclopedia


In-Depth Analysis

Description
A remote download dialogue box spoofing vulnerability affects Yahoo! Messenger. This issue is due to a design error that facilitates the spoofing of file names.

An attacker may leverage this issue to spoof downloaded file names to unsuspecting users. This issue may lead to a compromise of the target computer as well as other consequences.
 
Impact
Compromise of the target computer as well as other consequences.
 
Affected Products
Yahoo! Messenger 6.0.0.1750
Aliases
References
http://www.securityfocus.com/bid/12587
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2005-0243
Recommended Actions
The vendor has released an upgrade dealing with this issue.
Yahoo! Messenger 6.0.0.1750

Yahoo! Messenger 6.0 Build 1921
http://messenger.yahoo.com/

 
 
SITE MAP  |  LEGAL NOTICES

      © 2003 FORTINET INC. ALL RIGHTS RESERVED