Yahoo! Messenger Unspecified ActiveX Control Buffer Overflow

A vulnerability has been found in Yahoo! Messenger, which potentially can be exploited by malicious people to compromise a user’s system.
The vulnerability is labeled as highly critical (by Secunia, Danish security company) and caused due to an unspecified error in an ActiveX control and can be exploited to cause a buffer overflow. No further information is currently available. The vulnerability is reported in versions obtained prior to Nov 2, 2006.
Solution proposed is update to the latest version, http://messenger.yahoo.com/. This problem has been reported by the vendor. Original Advisory is here.

Share this... Tweet about this on TwitterShare on LinkedInShare on FacebookShare on Google+Email this to someone

One Response

  1. Oh…This is indeed a need to know information.. But i Think that Yahoo should make a provision that whenever they find a vulnerability in their programms that should prompt for an update isnt it..

Leave a Reply