13 matches found
Yahoo! Widgets Engine 4.0.3 YDPCTL.DLL ActiveX Control Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/25086/info Yahoo! Widgets Engine is prone to a buffer-overflow vulnerability because it fails to bounds-check user-supplied data before copying it into an insufficiently sized buffer. Successfully exploiting this issue...
Yahoo! Widgets YDP ActiveX Control Buffer Overflow (CVE-2007-4034)
A buffer overflow vulnerability has been reported in Yahoo! Widgets YDPCTL.dll. Yahoo! Widgets is a free application platform for Mac OS X and Microsoft Windows.It offers a large set of desktop Widgets that perform a variety of functions. To trigger this issue, an attacker may create a malicious...
Yahoo! Widgets ActiveX control GetComponentVersion buffer overflow
Added: 08/03/2007 CVE: CVE-2007-4034 BID: 25086 OSVDB: 37705 Background Yahoo! Widgets is desktop software which runs any number of small, real-time, Internet applications called widgets. Problem A buffer overflow vulnerability in the YDPCTL ActiveX Control allows command execution when a user...
Yahoo! Widgets ActiveX control GetComponentVersion buffer overflow
Added: 08/03/2007 CVE: CVE-2007-4034 BID: 25086 OSVDB: 37705 Background Yahoo! Widgets is desktop software which runs any number of small, real-time, Internet applications called widgets. Problem A buffer overflow vulnerability in the YDPCTL ActiveX Control allows command execution when a user...
Yahoo! Widgets ActiveX control GetComponentVersion buffer overflow
Added: 08/03/2007 CVE: CVE-2007-4034 BID: 25086 OSVDB: 37705 Background Yahoo! Widgets is desktop software which runs any number of small, real-time, Internet applications called widgets. Problem A buffer overflow vulnerability in the YDPCTL ActiveX Control allows command execution when a user...
Yahoo! Widgets ActiveX control GetComponentVersion buffer overflow
Added: 08/03/2007 CVE: CVE-2007-4034 BID: 25086 OSVDB: 37705 Background Yahoo! Widgets is desktop software which runs any number of small, real-time, Internet applications called widgets. Problem A buffer overflow vulnerability in the YDPCTL ActiveX Control allows command execution when a user...
Yahoo! Widgets引擎YDPCTL.DLL控件栈溢出漏洞
BUGTRAQ ID: 25086 Yahoo! Widget是由雅虎推出的免费开源桌面应用程序平台,由Widget引擎和Widget工具两部分组成,可极大的便利网络操作和完善桌面应用。 Yahoo! Widget的YDPCTL.YDPControl.1ActiveX控件实现上存在缓冲区溢出漏洞,远程攻击者可能利用此漏洞控制用户系统。 YDPCTL.YDPControl.1(YDPCTL.dll)ActiveX控件在处理GetComponentVersion方式时存在栈溢出漏洞。如果用户受骗访问了恶意站点并向该方式传送了超过512字节的超长字符串的话,就可以触发这个溢出,导致执行任意指令...
CVE-2007-4034
Stack-based buffer overflow in the YDPCTL.YDPControl.1 aka Yahoo! Installer Plugin for Widgets ActiveX control before 2007.7.13.3 20070620 in YDPCTL.dll in Yahoo! Widgets before 4.0.5 allows remote attackers to execute arbitrary code via a long argument to the GetComponentVersion method. NOTE: so...
Stack overflow
Stack-based buffer overflow in the YDPCTL.YDPControl.1 aka Yahoo! Installer Plugin for Widgets ActiveX control before 2007.7.13.3 20070620 in YDPCTL.dll in Yahoo! Widgets before 4.0.5 allows remote attackers to execute arbitrary code via a long argument to the GetComponentVersion method. NOTE: so...
CVE-2007-4034
The vulnerability CVE-2007-4034 affects Yahoo! Widgets’ ActiveX control YDPCTL.dll (YDPCTL.YDPControl.1) in Yahoo! Widgets before 4.0.5. A stack-based buffer overflow is triggered by a long argument to GetComponentVersion(), allowing remote execution of arbitrary code. Supported details in the co...
KLA10408 ACE vulnerability in Yahoo! Widgets
A buffer overflow was found in Yahoo! Widgets. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed argument. Original advisories - Related products Yahoo!-Widgets CVE list CVE-2007-4034 critical Solutio...
Yahoo! Widgets Engine 4.0.3 YDPCTL.DLL ActiveX Control Buffer Overflow Vulnerability
Yahoo! Widgets Engine 4.0.3 YDPCTL.DLL ActiveX Control Buffer Overflow Vulnerability. CVE-2007-4034. Remote exploit for windows platform source: http://www.securityfocus.com/bid/25086/info Yahoo! Widgets Engine is prone to a buffer-overflow vulnerability because it fails to bounds-check...
Yahoo! Widgets YDP YDPCTL.YDPControl.1 ActiveX (YDPCTL.dll) Buffer Overflow
The remote host contains the YDP ActiveX control, distributed as a part of Yahoo! Widgets. The version of this control installed on the remote host reportedly fails to validate input to the 'GetComponentVersion' method before storing it in a 512-byte buffer. If an attacker can trick a user on the...