Yahoo! Messenger AudioConf ActiveX Control Buffer Overflow
Secunia Advisory: SA24742
Release Date: 2007-04-04
Critical: Highly critical
Impact: System access
Where: From remote
Solution Status: Vendor Patch
Software: Yahoo! Messenger 5.x, Yahoo! Messenger 6.x, Yahoo! Messenger 7.x, Yahoo! Messenger 8.x
CVE reference: CVE-2007-1680
Description:
A vulnerability has been reported in Yahoo! Messenger, which can be exploited by malicious people to compromise a user's system.
The vulnerability is caused by a boundary error within the AudioConf ActiveX control (yacscom.dll) component of Yahoo! Messenger. This can be exploited to cause a stack-based buffer overflow by setting the "socksHostname" and "hostName" properties to an overly long string and then calling the "createAndJoinConference()" method.
Successful exploitation allows execution of arbitrary code when a user visits a malicious web site.
The vulnerability is reported in version 8.x. Other versions may also be affected.
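A proxy or gateway content check for the property-then-method sequence described above, added here as an example; it is not part of the advisory and not Secunia's or Yahoo!'s code. The 256-character threshold, the verdict names and the object name `ac` in the constructed samples are assumptions, and only dotted member access is matched, so treat it as a triage heuristic.

```python
import re

# Member names come from the advisory; everything else here is assumed.
PROPS = ("socksHostname", "hostName")
METHOD = "createAndJoinConference"
MAX_LITERAL = 256  # assumed threshold: the advisory gives no buffer size

# Case-insensitive because automation member names are normally resolved
# without regard to case. "=(?!=)" skips "==" comparisons.
ASSIGN = re.compile(r"\.\s*(%s)\s*=(?!=)\s*([^;\n]+)" % "|".join(PROPS), re.I)
CALL = re.compile(r"\.\s*%s\s*\(" % METHOD, re.I)
LITERAL = re.compile(r"""^(['"])([^'"]*)\1$""")

def scan(page):
    """Triage page content by how it touches the AudioConf interface."""
    assignments = []
    for m in ASSIGN.finditer(page):
        lit = LITERAL.match(m.group(2).strip())
        if lit is None:
            kind = "dynamic"      # built at run time, length unknown
        elif len(lit.group(2)) > MAX_LITERAL:
            kind = "oversized"
        else:
            kind = "short"
        assignments.append((m.group(1), kind))
    called = CALL.search(page) is not None
    risky = any(kind != "short" for _, kind in assignments)
    if not called:
        # "hostname" alone is common (location.hostname); the method is not.
        verdict = "clean"
    elif risky:
        verdict = "alert"
    else:
        verdict = "review"
    return {"verdict": verdict, "assignments": assignments, "called": called}

# Constructed samples; "ac" stands for an already-created control instance.
SUSPICIOUS = "ac.socksHostname = s;\nac.hostName = s;\nac.createAndJoinConference();"
SHORT_USE = 'ac.hostName = "conf.example.com";\nac.createAndJoinConference();'
UNRELATED = 'if (location.hostname == "example.com") { location.hostname = "a.example"; }'

if __name__ == "__main__":
    for name in ("SUSPICIOUS", "SHORT_USE", "UNRELATED"):
        print(name, scan(globals()[name]))
```

A "review" verdict marks content that calls the method with only short literals; an "alert" means a property was set to an oversized literal or to a value whose length cannot be judged statically.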
Solution: Update to the latest version.
http://messenger.yahoo.com