cbcvebase.
CVE-2005-1671
published 2005-05-19

CVE-2005-1671: The Logfile feature in Yahoo! Messenger 5.x through 6.0 can be activated by a YMSGR: URL and writes all output to a single ypager.log file, even when there are…

PriorityP44low2.1CVSS 2.0
AVLACLAuNCPINAN
EPSS
0.37%
28.8th percentile
The Logfile feature in Yahoo! Messenger 5.x through 6.0 can be activated by a YMSGR: URL and writes all output to a single ypager.log file, even when there are multiple users, and does not properly warn later users that the feature has been enabled, which allows local users to obtain sensitive information from other users.

Affected

4 ranges
VendorProductVersion rangeFixed in
yahoomessenger
yahoomessenger
yahoomessenger
yahoomessenger
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.