Yahoo! Messenger Download Dialogue Box File Name Spoofing Vulnerability

Bugtraq ID:	12587
Class:	Design Error
CVE:	CVE-2005-0243
Remote:	Yes
Local:	No
Published:	Feb 18 2005 12:00AM
Updated:	Jul 12 2009 10:06AM
Credit:	Andreas Sandblad is credited with the discovery of this issue.
Vulnerable:	Yahoo! Messenger 6.0 .0.1750
Not Vulnerable:	Yahoo! Messenger 6.0 .0.1921

Yahoo! Messenger Download Dialogue Box File Name Spoofing Vulnerability

A remote download dialogue box spoofing vulnerability affects Yahoo! Messenger. This issue is due to a design error that facilitates the spoofing of file names.

An attacker may leverage this issue to spoof downloaded file names to unsuspecting users. This issue may lead to a compromise of the target computer as well as other consequences.

It should be noted that although only Yahoo! Messenger version 6.0.0.1750 is reportedly affected; earlier versions may be affected as well.

Yahoo! Messenger Download Dialogue Box File Name Spoofing Vulnerability

No exploit is required to leverage this issue.

Yahoo! Messenger Download Dialogue Box File Name Spoofing Vulnerability

Solution:
The vendor has released an upgrade dealing with this issue.


Yahoo! Messenger 6.0 .0.1750

• Yahoo! Messenger 6.0 Build 1921
  http://messenger.yahoo.com/

Yahoo! Messenger Download Dialogue Box File Name Spoofing Vulnerability

References:

• Yahoo! Messenger File Transfer Filename Spoofing (Secunia)
  
• Yahoo! Messenger Homepage (Yahoo!)
  
• Yahoo! Messenger Security Updates (Yahoo!)