Yahoo! Messenger YVerInfo.DLL ActiveX Control Multiple Buffer Overflow Weaknesses
BID:25494
Info
| Bugtraq ID: | 25494 |
| Class: | Boundary Condition Error |
| CVE: | CVE-2007-4515 |
| Remote: | Yes |
| Local: | No |
| Published: | Aug 30 2007 12:00AM |
| Updated: | Nov 04 2008 07:35PM |
| Credit: | The discoverer of this issue wishes to remain anonymous. This issue was disclosed in the referenced iDefense advisory. |
| Vulnerable: | Yahoo! Messenger 8.1 .402, Yahoo! Messenger 8.1, Yahoo! Messenger 8.1.0.239, Yahoo! Messenger 8.1.0.209 |
| Not Vulnerable: | Yahoo! Messenger 8.1 .419 |
Discussion
Yahoo! Messenger is prone to multiple buffer-overflow weaknesses because it fails to bounds-check user-supplied data before copying it into insufficiently sized buffers.
Successfully exploiting these issues allows remote attackers to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts likely result in denial-of-service conditions.
These issues affect Yahoo! Messenger 8.1; other versions may also be affected.
Exploit / POC
The following exploit is available:
Solution / Fix
Solution:
Yahoo! has released an update. Please see the vendor references for more information.
- Yahoo! Messenger 8.1.0.209: Yahoo! msgr8us.exe, http://us.dl1.yimg.com/download.yahoo.com/dl/msgr8/us/msgr8us.exe
- Yahoo! Messenger 8.1.0.239: Yahoo! msgr8us.exe, http://us.dl1.yimg.com/download.yahoo.com/dl/msgr8/us/msgr8us.exe
- Yahoo! Messenger 8.1: Yahoo! msgr8us.exe, http://us.dl1.yimg.com/download.yahoo.com/dl/msgr8/us/msgr8us.exe
- Yahoo! Messenger 8.1 .402: Yahoo! msgr8us.exe, http://us.dl1.yimg.com/download.yahoo.com/dl/msgr8/us/msgr8us.exe
References
References:
- Microsoft Support Document 240797 (Microsoft)
- Yahoo Messenger YVerInfo.dll ActiveX Multiple Remote Buffer Overflow Vulnerabili (iDefense)
- Yahoo! ActiveX Control Update (Yahoo!)
- Yahoo! Messenger Homepage (Yahoo!)
- iDefense Security Advisory 08.30.07: Yahoo Messenger YVerInfo.dll ActiveX Multip (iDefense)