CVE-2007-4515
Summary
| CVE | CVE-2007-4515 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2007-08-31 22:17:00 UTC |
| Updated | 2017-07-29 01:32:00 UTC |
| Description | Buffer overflow in a certain ActiveX control in YVerInfo.dll before 2007.8.27.1 in the Yahoo! services suite for Yahoo! Messenger before 8.1.0.419 allows remote attackers to execute arbitrary code via unspecified vectors involving arguments to the (1) fvCom and (2) info methods. NOTE: some of these details are obtained from third party information. |
Risk And Classification
Problem Types: CWE-119
NVD Known Affected Configurations (CPE 2.3)
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| IBM X-Force Exchange | XF | exchange.xforce.ibmcloud.com | |
| Security Update - Yahoo! Messenger | CONFIRM | messenger.yahoo.com | Patch |
| Yahoo! Messenger YVerInfo.DLL ActiveX Control Multiple Buffer Overflow Weaknesses | BID | www.securityfocus.com | |
| 37739 | OSVDB | osvdb.org | |
| Webmail : Solution de messagerie professionnelle - OVHcloud- OVH | VUPEN | www.vupen.com | |
| SecurityReason - Yahoo Messenger YVerInfo.dll ActiveX Multiple Remote Buffer Overflow Vulnerabilities | SREASON | securityreason.com | |
| Yahoo! Messenger YVerInfo.dll ActiveX Control Buffer Overflows - Advisories - Secunia | SECUNIA | secunia.com | Patch, Vendor Advisory |
| Yahoo! Messenger Buffer Overflow in ActiveX Control Lets Remote Users Execute Arbitrary Code - SecurityTracker | SECTRACK | securitytracker.com | |
| 20070830 Yahoo Messenger YVerInfo.dll ActiveX Multiple Remote Buffer Overflow Vulnerabilities | IDEFENSE | labs.idefense.com | Patch, Vendor Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.