Vulnerabilities > CVE-2002-1664 - Information Disclosure vulnerability in Yahoo Messenger 5.0

CVSS 6.4 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

NONE

network

low complexity

yahoo

NVD

Published: 2002-12-31

Updated: 2016-10-18

Summary

Yahoo! Messenger before February 2002 allows remote attackers to add arbitrary users to another user's buddy list and possibly obtain sensitive information.

Vulnerable Configurations

Part	Description	Count
Application	Yahoo Yahoo Messenger 5.0	1

References

http://marc.info/?l=bugtraq&m=101439616623230&w=2
http://www.cert.org/advisories/CA-2002-16.html
http://www.kb.cert.org/vuls/id/393195