|
Family: Windows --> Category: infos
Yahoo! Messenger ActiveX Control Buffer Overflow Vulnerability Vulnerability Scan
Vulnerability Scan Summary Checks version of YMailAttach ActiveX control
Detailed Explanation for this Vulnerability Test
Synopsis :
The remote Windows host has an ActiveX control that is affected by a
buffer vulnerability.
Description :
The remote host contains a version of the 'YMailAttach' ActiveX
control included with Yahoo! Messenger.
The version of this ActiveX control on the remote host reportedly has
an unspecified buffer overflow. If a possible hacker can trick a user on
the affected host into visiting a specially-crafted web page, he may
be able to leverage this issue to execute arbitrary code on the host
subject to the user's rights.
See also :
http://messenger.yahoo.com/security_update.php?id=120806
Solution :
Update to the latest version of Yahoo! Messenger.
Threat Level:
High / CVSS Base Score : 8.0
(AV:R/AC:H/Au:NR/C:C/I:C/A:C/B:N)
Click HERE for more information and discussions on this network vulnerability scan.
|