Vulnerability Database

308,379

Total vulnerabilities in the database

CVE-2005-1671

The Logfile feature in Yahoo! Messenger 5.x through 6.0 can be activated by a YMSGR: URL and writes all output to a single ypager.log file, even when there are multiple users, and does not properly warn later users that the feature has been enabled, which allows local users to obtain sensitive information from other users.

Published: May 19, 2005
Updated: Nov 9, 2025
CVE: CVE-2005-1671
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 2.1
AV:L/AC:L/Au:N/C:P/I:N/A:N

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
yahoo / messenger	5.6	5.6.x
yahoo / messenger	5.5	5.5.x
yahoo / messenger	5.6.0.1351	5.6.0.1351.x
yahoo / messenger	6.0	6.0.x

http://marc.info/?l=bugtraq&m=111643475210982&w=2

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo