CVE-2005-0243
First published: Thu Feb 17 2005(Updated: )
Yahoo! Messenger 6.0.0.1750, and possibly other versions before 6.0.0.1921, does not properly display long filenames in file dialog boxes, which could allow remote attackers to trick users into downloading and executing programs via file names containing a large number of spaces and multiple file extensions.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Yahoo Messenger | =5.6 | |
| Yahoo Messenger | =6.0.0.1750 | |
| Yahoo Messenger | =5.5 | |
| Yahoo Messenger | =5.6.0.1351 | |
| Yahoo Messenger | =6.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2005-0243?
CVE-2005-0243 has a moderate severity rating as it allows potential exploitation through social engineering.
How do I fix CVE-2005-0243?
To fix CVE-2005-0243, upgrade Yahoo Messenger to version 6.0.0.1921 or later.
What software is affected by CVE-2005-0243?
CVE-2005-0243 affects Yahoo Messenger versions prior to 6.0.0.1921, including versions 5.5 and 6.0.0.1750.
What type of vulnerability is CVE-2005-0243?
CVE-2005-0243 is a UI vulnerability that creates a potential for remote attackers to mislead users.
What impact does CVE-2005-0243 have?
CVE-2005-0243 could allow attackers to trick users into downloading and executing malicious files.
- collector/nvd-historical
- collector/nvd-index
- agent/references
- agent/type
- agent/softwarecombine
- agent/remedy
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/author
- agent/last-modified-date
- agent/severity
- agent/description
- agent/tags
- agent/event
- agent/source
- vendor/yahoo
- canonical/yahoo messenger
- version/yahoo messenger/5.6
- version/yahoo messenger/6.0.0.1750
- version/yahoo messenger/5.5
- version/yahoo messenger/5.6.0.1351
- version/yahoo messenger/6.0