The YMSGR URL handler in Yahoo! Messenger 5.x through 6.0 allows remote attackers to cause a denial of service (disconnect) via a room login or a room join request packet with a third : (colon) and an & (ampersand), which causes Messenger to send a corrupted packet to the server, which triggers a disconnect from the server.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Messenger | Yahoo | 5.5 (including) | 5.5 (including) |
| Messenger | Yahoo | 5.6 (including) | 5.6 (including) |
| Messenger | Yahoo | 6.0 (including) | 6.0 (including) |