Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Vulnerability Development: Re: Yahoo Messenger 7.0.0.438 Crash Tested

Re: Yahoo Messenger 7.0.0.438 Crash Tested

From: <Fatal_Error_at_gmx.be>
Date: 22 Jun 2006 15:48:08 -0000

('binary' encoding is not supported, stored as-is) It seems that any number of alternative strings will work as well:
example:
"msg:_________________________________________iframe onload=$InlineAction()>:)" without quotes works as well.

[, -, ^, {, [alt-0160]'s all seem to work as well

Is there a cross scripting vulnerability as well? Inserting script commands brings up an odd Script Error screen and a file name.
Received on Jun 22 2006

This message: [ Message body ]
Next message: kladizkov001: "Re: Suse Linux 10.0 and 10.1 (EIP Overflow Questions)"
Previous message: Ivancool2003_at_yahoo.com.ar: "Re: Yahoo Messenger 7.0.0.438 Crash Tested"
Maybe in reply to: Ivancool2003_at_yahoo.com.ar: "Yahoo Messenger 7.0.0.438 Crash Tested"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]