Yahoo! Messenger YVerInfo.dll ActiveX Control Buffer Overflow

Posted on Friday, August 31, 2007 @ 08:56:23 PDT in Security
by Raven



CRITICAL: Highly critical

IMPACT: DoS, System access

WHERE: >From remote

SOFTWARE: Yahoo! Messenger 8.x -

DESCRIPTION: A vulnerability has been reported in Yahoo! Messenger, which can be exploited by malicious people to compromise a user's system.

The vulnerability is caused due to a boundary error within the YVerInfo.dll ActiveX control and can be exploited to cause a buffer overflow e.g. when a user is tricked into viewing a malicious web page. Successful exploitation may allow execution of arbitrary code. The vulnerability is reported in YVerInfo.dll versions prior to 2007.8.27.1 included in Yahoo! Messenger downloaded before 2007-08-29.

SOLUTION: Update to version -

PROVIDED AND/OR DISCOVERED BY: The vendor credits iDefense Labs.

click Related        click Share
News ©

Site Info v2.2.2

Last SeenLast Seen
Server TrafficServer Traffic
  • Total: 369,909,111
  • Today: 40,919
Server InfoServer Info
  • Oct 22, 2018
  • 12:00 pm PDT

Daily Inspiration