Yahoo Messenger Fixes ActiveX Flaw
David Utter Staff Writer
2007-04-05
A buffer overflow in the audio conferencing feature of Yahoo Messenger could have been exploited by attackers.
Visiting the wrong website with an older version of Yahoo Messenger could have left a person's system open to a drive-by ActiveX exploit. Inadvertently viewing malicious HTML code on a website could have resulted in remote code execution.
Versions of Yahoo Messenger obtained before March 13th are at risk, and Yahoo urged Messenger users to upgrade to the latest version.
Further details about the issue appeared in Yahoo's security update:
Some impacts of a buffer overflow might include being involuntarily logged out of a Chat and/or Instant Messaging session, the crash of an application such as Internet Explorer, and in some instances, the introduction of executable code. For this specific security issue, these impacts could only be possible if an attacker is successful in prompting someone to view malicious HTML code, most likely executed by getting a person to visit their web page.
A BugTraq post about the issue from 3Com's Zero Day Initiative, archived at SecurityFocus, attributed the problem to a specific .dll file:
The specific flaw exists within the ActiveX control Yahoo.AudioConf:
DLL: yacscom.dll
CLSID: 85A4A99C-8C3D-499E-A386-E0743DFF8FB7
When large values are specified for the 'socksHostname' and 'hostname' properties, and the createAndJoinConference() method is called, a stack overflow occurs. Exploitation can result in code execution under the context of the current user.
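As an added example (not code from the article, Yahoo, or the ZDI advisory), the following Python scans fetched HTML for the three indicators the advisory names: a page instantiating the Yahoo.AudioConf control by its CLSID, an overlong 'hostname' or 'socksHostname' parameter, and a call to createAndJoinConference(). The advisory only says "large values", so the 255-byte threshold is an assumption, and the two sample pages are constructed for the demonstration.

```python
import re
from html.parser import HTMLParser

# CLSID of the Yahoo.AudioConf control as given in the ZDI advisory.
AUDIOCONF_CLSID = "85A4A99C-8C3D-499E-A386-E0743DFF8FB7"
RISKY_PROPS = {"sockshostname", "hostname"}
# Assumed review threshold: a hostname can never legitimately exceed 255 bytes,
# so anything longer is treated as suspicious even though the advisory gives no size.
MAX_HOSTNAME_LEN = 255


class AudioConfScanner(HTMLParser):
    """Collects <object>/<param> pairs that target the vulnerable CLSID."""

    def __init__(self):
        super().__init__()
        self.in_target = False
        self.findings = []

    def handle_starttag(self, tag, attrs):
        a = {k.lower(): (v or "") for k, v in attrs}
        if tag == "object":
            self.in_target = AUDIOCONF_CLSID.lower() in a.get("classid", "").lower()
            if self.in_target:
                self.findings.append(("instantiates_control", AUDIOCONF_CLSID, 0))
        elif tag == "param" and self.in_target:
            name = a.get("name", "").lower()
            if name in RISKY_PROPS and len(a.get("value", "")) > MAX_HOSTNAME_LEN:
                self.findings.append(("oversized_property", name, len(a["value"])))

    def handle_endtag(self, tag):
        if tag == "object":
            self.in_target = False


def scan_html(html):
    """Return (indicator, detail, length) tuples; an empty list means nothing matched."""
    p = AudioConfScanner()
    p.feed(html)
    p.close()
    if re.search(r"createAndJoinConference\s*\(", html):
        p.findings.append(("calls_method", "createAndJoinConference", 0))
    return p.findings


# Constructed sample pages: one that never references the control, and one that
# matches the advisory's description (no payload, just the structural indicators).
BENIGN_PAGE = '<object classid="clsid:00000000-0000-0000-0000-000000000000"></object>'
SUSPECT_PAGE = ('<object id="yac" classid="clsid:85a4a99c-8c3d-499e-a386-e0743dff8fb7">'
                '<param name="hostname" value="' + "A" * 300 + '"></object>'
                '<script>yac.createAndJoinConference();</script>')
```

Values set from script rather than through `<param>` tags are not seen by the parser, so the method-name regex is what catches that case.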
---
Tags: Yahoo Messenger, Security, ActiveX
About the Author:
David Utter is a business and technology writer for SecurityProNews and WebProNews.