Yahoo! Messenger version 11.5 suffers from a buffer overflow vulnerability.
7effd2b540f78d3bd0dd3e6cabbdb016ba24c58d1c29c7b4db634aa999ae780aMibew Web Messenger version 1.6.4 suffers from a remote SQL injection vulnerability.
bed01cb6059bb09cc7e1502d369544b1281c6b3d3b97cc6e202f1af83fe360e7LAN Messenger versions 1.2.28 and below suffer from a remote denial of service vulnerability.
eff6948e4801547fe1cfebd1aacccadc027fc700ffd47ae47741cd482302bb51Secunia Security Advisory - Luigi Auriemma has discovered a vulnerability in Novell Messenger Client, which can be exploited by malicious people to compromise a user's system.
52cb2fa218e45005737107ace7f2f69d5f2226bbab7340956c2f748f57a9d4a8Novell GroupWise Messenger versions 2.1.0 and below suffer from an arbitrary memory write vulnerability. Proof of concept code included.
2a860e7fc425db009ce68367eb366a207037f08cbda2c027cf4fa5a25d8f9723Novell GroupWise Messenger versions 2.1.0 and below suffer from a memory corruption vulnerability. Proof of concept code included.
7bf5d40c43687f0dd580d97a27bf832ee281150557d29f08aaeefdac37a8bcc1Novell GroupWise Messenger Client versions 2.1.0 and below suffer from a unicode stack overflow vulnerability. Proof of concept code included.
0e268a424cde5fd0ea8d5a4d615a84eb7ca0ba1673fe16ea7a7415099931f463This Metasploit module exploits a vulnerability in Icona SpA C6 Messenger version 1.0.0.1. The vulnerability is in the Downloader ActiveX Control (DownloaderActiveX.ocx). The insecure control can be abused to download and execute arbitrary files in the context of the currently logged-on user.
5ff82482c6d0cc8cb96eb23172d540f4d5ded54210dbc21fe3ea60715403632aSecunia Security Advisory - AppSec has reported a security issue in MiTalk Messenger for Android, which can be exploited by malicious people to bypass certain security restrictions.
3d4f9f4d822abd9d405405c5b7b9b9d90ef4566ca42e79a2b426b189c4502897Secunia Security Advisory - CodSeq has discovered a vulnerability in Mibew Messenger, which can be exploited by malicious people to conduct cross-site request forgery attacks.
a7766612c2c403a4a0820c26efdd30bb8658122350e7fa07e0a4899b3340a6fcMibew Messenger version 1.6.4 suffers from multiple cross site scripting vulnerabilities.
70ca4b16e1bd521b1858f4631f536db54e0cb770544aff6b395c926a0f05eef9Secunia Security Advisory - Tielei Wang has discovered a vulnerability in Yahoo Messenger, which can be exploited by malicious people to compromise a user's system.
67e4d05e8d5a18096065f230473a7c784c0ebba77ee418f42ff350225ef25cc8Secunia Security Advisory - A security issue has been reported in WhatsApp Messenger, which can be exploited by malicious people to disclose potentially sensitive information.
f6dab7cea0114aa4f9a02710e16d749887c9dcf167be5d37f3a8265bd2b3cd7cSecunia Security Advisory - A vulnerability has been reported in Novell Messenger, which can be exploited by malicious people to disclose potentially sensitive information.
2ee572fb64897d443d5e0a0c24e6511673a9002f870276e8920c21e5051e8a0fRed Hat Security Advisory 2011-1371-01 - Pidgin is an instant messaging program which can log in to multiple accounts on multiple instant messaging networks simultaneously. An input sanitization flaw was found in the way the Pidgin SILC protocol plug-in escaped certain UTF-8 characters. A remote attacker could use this flaw to crash Pidgin via a specially-crafted SILC message. Multiple NULL pointer dereference flaws were found in the way the Pidgin Yahoo! Messenger Protocol plug-in handled malformed YMSG packets. A remote attacker could use these flaws to crash Pidgin via a specially-crafted notification message.
f0ad974a63999ee0a2da67fe7b5c6434dc5657a1919e71a6c7d833f173143ae6eBuddy Web Messenger suffers from a cross site scripting vulnerability.
77b4fe175a400f550ca56f490b3da9cd7a692adb0823cd175fed9a0e611b28bbA vulnerability exists in the NetSaro Enterprise Messenger Server Administration Console allowing a remote attacker to obtain unauthenticated access to the applications source code. Attackers may make HTTP GET requests and append a Null Byte to allow download of the source code for the applications web pages. An attacker does not need to authenticate to obtain access to source code for pages that usually require authentication prior to viewing.
1231ae3590ce9f439d6b83bc44f312d176de967ea3fd246651485e8e72f9d537Secunia Security Advisory - Two weaknesses have been discovered in NetSaro Enterprise Messenger, which can be exploited by malicious, local users to disclose sensitive information.
0ec510e8c8447bf9d4530afe5205f79b5e2a0d52def23dbe84bacee38176c48bA vulnerability exists in the NetSaro Enterprise Messenger Server application allowing an attacker to obtain access to plaintext usernames and passwords. The stored passwords are used to authenticate users running the NetSaro Enterprise Client connecting to the server. This is a second level attack that requires access to the password files stored within the application root directory. An attacker who has previously compromised the host operating system or gained direct access to the NetSaro.fdb database file found in the "NetSaro Enterprise ServerDb" directory can obtain the user credentials using readily available tools.
5cbcfb103f656ef50499195011ab3f297cb4532d146aa664ccd91c09612fe813A vulnerability exists in the NetSaro Enterprise Messenger Server application allowing an attacker to easily decrypt passwords used to authenticate to the application. The application implements Base64 encoding to obfuscate the values of plaintext passwords used for logging into the server administration console. This is a second level attack that requires access to the password files stored within the application root directory. An attacker who has previously compromised the host operating system or achieved direct access to the configuration.xml file found in the "NetSaro Enterprise Server" directory can obtain the encoded user credentials and decrypt them using readily available Base64 decoding tools.
1e5e9c85c5226e719db82524ba8e52dd4a1526c77d534b61ca30a522f9e623abPaltalk Messenger version 10.0 suffers from an Active-X insecure method vulnerability.
3b4401939b9bca69589a54c90655ff168e700c9fd2e7f74591bc6d8108accfefMSN Live Messenger version 14.0 Plus! suffers from a DLL hijacking vulnerability.
aefdb3d190c9576d9c7aff86808641f8c0b86d00650059273a13b750b4452983Secunia Security Advisory - A vulnerability has been reported in Microsoft Windows Messenger, which can be exploited by malicious people to compromise a user's system.
93ec5ce55a927a205df77f9cddc0499ccbc14e099c169d0fd3ab489449ccc670PHP Universal Web Messenger suffers from a cross-domain redirect vulnerability.
3d11a6d4f9d5cdf42c90ac17922caf1bba35357aa4b5bbdfd7e1d98500977074Secunia Security Advisory - Salvatore Fresta has discovered a security issue in the JE Messenger component for Joomla, which can be exploited by malicious users to compromise a vulnerable system.
1711bbab99b92690d2a202cee87df38ae8d0d3af893cc0af95a7e856ff28790dThe Joomla JE Messenger 1.0 suffers from a shell upload vulnerability.
28c7bab00d1980b37b55d7b9fe1701a9551802253ace9c0a2091c87047e44404
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed