Lucene search
HistoryOct 03, 2022 - 4:15 p.m.
CVE-2012-0268
cve-2012-0268
integer overflow
cyimage::loadjpg
yimage.dll
yahoo! messenger
remote code execution
crafted jpg image
nvd
heap-based buffer overflow
5.1 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:H/Au:N/C:P/I:P/A:P
8 High
AI Score
Confidence
Low
0.003 Low
EPSS
Percentile
69.4%
Integer overflow in the CYImage::LoadJPG method in YImage.dll in Yahoo! Messenger before 11.5.0.155, when photo sharing is enabled, might allow remote attackers to execute arbitrary code via a crafted JPG image that triggers a heap-based buffer overflow.
Affected configurations
Node
yahoomessengerRangeβ€11.5.0.152
ORyahoomessengerMatch0.99.17-1
ORyahoomessengerMatch1.0
ORyahoomessengerMatch1.0.4
ORyahoomessengerMatch1.0.6
ORyahoomessengerMatch2.0.1.4
ORyahoomessengerMatch3.0
ORyahoomessengerMatch3.0.1
ORyahoomessengerMatch3.0.1beta-35554
ORyahoomessengerMatch3.5
ORyahoomessengerMatch4.0
ORyahoomessengerMatch4.1
ORyahoomessengerMatch5.0
ORyahoomessengerMatch5.0.1046
ORyahoomessengerMatch5.0.1065
ORyahoomessengerMatch5.0.1232
ORyahoomessengerMatch5.5
ORyahoomessengerMatch5.5.1249
ORyahoomessengerMatch5.6
ORyahoomessengerMatch5.6.0.1347
ORyahoomessengerMatch5.6.0.1351
ORyahoomessengerMatch5.6.0.1355
ORyahoomessengerMatch5.6.0.1356
ORyahoomessengerMatch5.6.0.1358
ORyahoomessengerMatch6.0
ORyahoomessengerMatch6.0.0.1643
ORyahoomessengerMatch6.0.0.1750
ORyahoomessengerMatch6.0.0.1921
ORyahoomessengerMatch6.1
ORyahoomessengerMatch7.0
ORyahoomessengerMatch7.0.0.426
ORyahoomessengerMatch7.0.0.437
ORyahoomessengerMatch7.0.438
ORyahoomessengerMatch7.5
ORyahoomessengerMatch7.5.0.814
ORyahoomessengerMatch8.0
ORyahoomessengerMatch8.0.0.505
ORyahoomessengerMatch8.0.0.508
ORyahoomessengerMatch8.0.0.701
ORyahoomessengerMatch8.0.0.716
ORyahoomessengerMatch8.0.0.863
ORyahoomessengerMatch8.0.1
ORyahoomessengerMatch8.0_2005.1.1.4
ORyahoomessengerMatch8.1
ORyahoomessengerMatch8.1.0.195
ORyahoomessengerMatch8.1.0.209
ORyahoomessengerMatch8.1.0.239
ORyahoomessengerMatch8.1.0.244
ORyahoomessengerMatch8.1.0.249
ORyahoomessengerMatch8.1.0.401
ORyahoomessengerMatch8.1.0.402
ORyahoomessengerMatch8.1.0.413
ORyahoomessengerMatch8.1.0.416
ORyahoomessengerMatch8.1.0.419
ORyahoomessengerMatch8.1.0.421
ORyahoomessengerMatch9.0.0.797beta
ORyahoomessengerMatch9.0.0.907beta
ORyahoomessengerMatch9.0.0.922beta
ORyahoomessengerMatch9.0.0.1389beta
ORyahoomessengerMatch9.0.0.1912
ORyahoomessengerMatch9.0.0.2018
ORyahoomessengerMatch9.0.0.2034
ORyahoomessengerMatch9.0.0.2112
ORyahoomessengerMatch9.0.0.2123
ORyahoomessengerMatch9.0.0.2128
ORyahoomessengerMatch9.0.0.2133
ORyahoomessengerMatch9.0.0.2136
ORyahoomessengerMatch9.0.0.2152
ORyahoomessengerMatch9.0.0.2160
ORyahoomessengerMatch9.0.0.2161
ORyahoomessengerMatch9.0.0.2162
ORyahoomessengerMatch10.0.0.331pre-alpha
ORyahoomessengerMatch10.0.0.525beta
ORyahoomessengerMatch10.0.0.542beta
ORyahoomessengerMatch10.0.0.1102
ORyahoomessengerMatch10.0.0.1241
ORyahoomessengerMatch10.0.0.1258
ORyahoomessengerMatch10.0.0.1264
ORyahoomessengerMatch10.0.0.1267
ORyahoomessengerMatch10.0.0.1270
ORyahoomessengerMatch11.0.0.1751
ORyahoomessengerMatch11.0.0.2009
ORyahoomessengerMatch11.0.0.2014
References
Related
nessus
nessus
openvas
openvas
Yahoo Messenger JPG Photo Sharing Integer Overflow Vulnerability
2012-01-23 00:00:00
Yahoo Messenger JPG Photo Sharing Integer Overflow Vulnerability
2012-01-23 00:00:00
kaspersky
kaspersky
KLA10406 ACe vulnerability in Yahoo! Messenger
2012-01-19 00:00:00
nvd
nvd
CVE-2012-0268
2012-01-19 15:55:00
prion
prion
Integer overflow
2012-01-19 15:55:00
seebug
seebug
Yahoo Messenger ".jpg"ζδ»Άε€ηηΌε²εΊζΊ’εΊζΌζ΄
2012-01-17 00:00:00
cvelist
cvelist
CVE-2012-0268
2022-10-03 16:15:38
5.1 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:H/Au:N/C:P/I:P/A:P
8 High
AI Score
Confidence
Low
0.003 Low
EPSS
Percentile
69.4%
Related for CVE-2012-0268