Yahoo! CD Player ActiveX Control 'open()' Method Stack Buffer Overflow Vulnerability
BID:51011
Info
| Bugtraq ID: | 51011 |
| Class: | Boundary Condition Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Apr 20 2010 12:00AM |
| Updated: | Apr 20 2010 12:00AM |
| Credit: | shinnai |
| Vulnerable: | Yahoo! Yahoo! CD Player 0 |
| Not Vulnerable: | |
Discussion
The Yahoo! CD Player ActiveX control ('YoPlyCd.dll') is prone to a remote stack-based buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied input.
Attackers can exploit this issue to execute arbitrary code within the context of an application (typically Internet Explorer) that uses the ActiveX control. Failed exploit attempts will result in a denial-of-service condition.
Exploit / POC
The following proof of concept code is available:
Solution / Fix
Solution:
Currently, we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
References
References:
- Yahoo! Homepage (Yahoo!)