Lucene search

SAINT CorporationSAINT:ADF27F5D66349F6B923188446152A60F

HistoryApr 12, 2007 - 12:00 a.m.

Yahoo Messenger AudioConf ActiveX control buffer overflow

2007-04-1200:00:00

SAINT Corporation

download.saintcorporation.com

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.672 Medium

EPSS

Percentile

98.0%

JSON

Added: 04/12/2007
CVE: CVE-2007-1680
BID: 23291
OSVDB: 34319

Background

Yahoo! Messenger is an instant messaging application. It includes the AudioConf ActiveX control which is provided by **yacscom.dll**.

Problem

A buffer overflow vulnerability in the AudioConf ActiveX control allows command execution when the **createAndJoinConference** method is called with a long **socksHostname** or **hostname** parameter.

Resolution

Download the latest version of Yahoo! Messenger.

References

<http://messenger.yahoo.com/security_update.php?id=031207>
<http://www.zerodayinitiative.com/advisories/ZDI-07-012.html>
<http://www.kb.cert.org/vuls/id/388377>

Limitations

Exploit works with Yahoo! Messenger 8.1.0.195 and requires a user to load the exploit page.

Platforms

Windows

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.672 Medium

EPSS

Percentile

98.0%

JSON

Related for SAINT:ADF27F5D66349F6B923188446152A60F