Yahoo! Audio Conferencing ActiveX control vulnerable to buffer overflow

2003-06-02T00:00:00
ID VU:272644
Type cert
Reporter CERT
Modified 2003-06-02T18:53:00

Description

Overview

A remotely exploitable buffer overflow vulnerability has been discovered in the Yahoo! Audio Conferencing ActiveX control.

Description

The Yahoo! Audio Conferencing ActiveX control is used in the web-based Yahoo! Chat service, as well as in the Win32 Yahoo! Messenger application. There is a remotely exploitable buffer overflow in this ActiveX control that could allow a remote attacker to take various unauthorized actions. In order to exploit this vulnerability, the attacker would need to convince the victim to view malicious HTML (a web page, for example).


Impact

Various impacts are well summarized in the documentation issued by Yahoo! Inc. in response to this vulnerability:

Some common impacts of a buffer overflow might include being involuntarily logged out of a Chat and/or Messenger session, the crash of an application such as Internet Explorer, and in some instances, the introduction of executable code.


Solution

Update your Yahoo! Audio Conferencing ActiveX control. For detailed instructions, please see the Yahoo! Audio Conferencing Update web page.


Vendor Information

272644

Filter by status: All Affected Not Affected Unknown

Filter by content: __ Vendor has issued information

__ Sort by: Status Alphabetical

Expand all

Affected Unknown __ Unaffected

Javascript is disabled. Click here to view vendors.

Yahoo! Inc.

Updated: June 02, 2003

Status

__ Vulnerable

Vendor Statement

Please see <http://help.yahoo.com/help/us/mesg/use/use-45.html>.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.

CVSS Metrics

Group | Score | Vector
---|---|---
Base | N/A | N/A
Temporal | N/A | N/A
Environmental | | N/A

References

  • <http://chat.yahoo.com>
  • <http://messenger.yahoo.com/>
  • <http://www.securityfocus.com/bid/7561>
  • <http://zdnet.com.com/2100-1105_2-1011847.html>
  • <http://help.yahoo.com/help/us/mesg/use/use-45.html>
  • <http://silicon.com/news/500019-500013/1/4440.html>
  • <http://www.businessweek.com/technology/cnet/stories/1011847.htm>
  • <http://lists.netsys.com/pipermail/full-disclosure/2003-June/009944.html>

Acknowledgements

This vulnerability was discovered by Cesar .

This document was written by Ian A Finlay.

Other Information

CVE IDs: | None
---|---
Severity Metric:** | 3.00
Date Public:
| 2003-05-12
Date First Published: | 2003-06-02
Date Last Updated: | 2003-06-02 18:53 UTC
Document Revision: | 14