Overview
Yahoo! Messenger is an instant messaging client. A report indicates that there is a vulnerability that permits an attacker to spoof the source user name of a Yahoo! Messenger message.
Description
Yahoo! Messenger permits a user to place users on an ignore list. A vulnerability exists that permits users to spoof their source user names on messages. This permits users who have been ignored to continue to send messages to their victim user. |
Impact
This vulnerability could be used in a mass messaging attack that could lead to the denial of service of a client. |
Solution
This vulnerability was resolved in version 5,0,0,1058. |
Vendor Information
952875
CVSS Metrics
| Group | Score | Vector |
|---|---|---|
| Base | ||
| Temporal | ||
| Environmental |
References
Acknowledgements
This vulnerablity was discovered by Scott Woodward
This document was written by Jason Rafail.
Other Information
| CVE IDs: | CVE-2002-0321 |
| CERT Advisory: | CA-2002-16 |
| Severity Metric: | 3.19 |
| Date Public: | 2002-02-21 |
| Date First Published: | 2002-06-05 |
| Date Last Updated: | 2002-06-05 21:08 UTC |
| Document Revision: | 15 |