VYPR
Unrated severityNVD Advisory· Published Dec 31, 2002· Updated Jun 16, 2026

CVE-2002-2361

CVE-2002-2361

Description

The installer in Yahoo! Messenger 4.0, 5.0 and 5.5 does not verify package signatures which could allow remote attackers to install trojan programs via DNS spoofing.

Affected products

4
  • Yahoo/Messenger4 versions
    cpe:2.3:a:yahoo:messenger:4.0:*:*:*:*:*:*:*+ 3 more
    • cpe:2.3:a:yahoo:messenger:4.0:*:*:*:*:*:*:*
    • cpe:2.3:a:yahoo:messenger:5.0:*:*:*:*:*:*:*
    • cpe:2.3:a:yahoo:messenger:5.5:*:*:*:*:*:*:*
    • (no CPE)range: 4.0, 5.0, 5.5

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.