CVE-2002-2361 — MEDIUM severity vulnerability (The installer in Yahoo! Messenger 4.0, 5.0 and 5.5 does not)
The installer in Yahoo! Messenger 4.0, 5.0 and 5.5 does not verify package signatures which could allow remote attackers to install trojan programs via DNS spoofing.
| CVE ID | CVE-2002-2361 |
|---|---|
| Severity | MEDIUM |
| CVSS score | 5.8 |
| CVSS vector | AV:N/AC:M/Au:N/C:P/I:P/A:N |
| CWE | CWE-264 |
| Status | Modified |
| Published | 2002-12-31 |
| Last modified | 2026-04-16 |
| Description | The installer in Yahoo! Messenger 4.0, 5.0 and 5.5 does not verify package signatures which could allow remote attackers to install trojan programs via DNS spoofing. |
| Source | NIST National Vulnerability Database |
🔍 Search all vulnerabilities →
$999/mo
Try CVECheck →