cbcvebase.

Yahoo Toolbar vulnerabilities

4 known vulnerabilities affecting yahoo/toolbar.

Total CVEs
4
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM3

Vulnerabilities

Page 1 of 1
CVE-2007-6228P4MEDIUMCVSS 6.8PoCv1.4.12007-12-04
CVE-2007-6228 [MEDIUM] CWE-119 CVE-2007-6228: Stack-based buffer overflow in the Helper class in the yt.ythelper.2 ActiveX control in Yahoo! Toolb Stack-based buffer overflow in the Helper class in the yt.ythelper.2 ActiveX control in Yahoo! Toolbar 1.4.1 allows remote attackers to cause a denial of service (browser crash) via a long argument to the c method.
nvd
CVE-2017-2253P4HIGHCVSS 7.8≤ 8.0.0.62017-07-17
CVE-2017-2253 [HIGH] CWE-426 CVE-2017-2253: Untrusted search path vulnerability in Installer of Yahoo! Toolbar (for Internet explorer) v8.0.0.6 Untrusted search path vulnerability in Installer of Yahoo! Toolbar (for Internet explorer) v8.0.0.6 and earlier, with its timestamp prior to June 13, 2017, 18:18:55 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
nvd
CVE-2012-2647P4MEDIUMCVSS 5.8≤ 1.0.0.52012-07-31
CVE-2012-2647 [MEDIUM] CWE-200 CVE-2012-2647: Yahoo! Toolbar 1.0.0.5 and earlier for Chrome and Safari allows remote attackers to modify the confi Yahoo! Toolbar 1.0.0.5 and earlier for Chrome and Safari allows remote attackers to modify the configured search URL, and intercept search terms, via a crafted web page.
nvd
CVE-2013-6853P4MEDIUMCVSS 4.3v3.1.0.20130813024103v2.5.9.20134181004202014-01-26
CVE-2013-6853 [MEDIUM] CWE-79 CVE-2013-6853: Cross-site scripting (XSS) vulnerability in clickstream.js in Y! Toolbar plugin for FireFox 3.1.0.20 Cross-site scripting (XSS) vulnerability in clickstream.js in Y! Toolbar plugin for FireFox 3.1.0.20130813024103 for Mac, and 2.5.9.2013418100420 for Windows, allows remote attackers to inject arbitrary web script or HTML via a crafted URL that is stored by the victim.
nvd
Yahoo Toolbar vulnerabilities | cvebase