Yahoo! battered by second ActiveX vulnerability

	SecurityReason
News

Search

SecurityAlert

About SecurityAlert

ExploitAlert

SecurityReason Research

	WLB
WLB Database

Send to WLB

About WLB

	RSS
News

SecurityAlert

World Laboratory of Bugtraq

ExploitAlert

Apache

PHP

	Corporate
Contact

About us

	Services
SecurePHP


	Note
If you have found a vulnerability, please send to our SecurityAlert Database : secalert()securityreason()com Also if you have new ( 0-day ) exploit, please send to our ExploitAlert Archive : exploit()securityreason()com

News from: World

» Topic: Yahoo! battered by second ActiveX vulnerability

» Added by: John Leyden

» Date: 3.9.2007

Yahoo! users are urged to upgrade their instant messaging software following the discovery of a brace of security vulnerabilities - the second set of serious security flaws involving Yahoo! Messenger in as many weeks.

The latest security bugs both stem from stack-based buffer overflow flaws in the YVerInfo.dll ActiveX control. Successful exploitation, which is far from straightforward, creates a means for hackers to inject hostile code onto systems running vulnerable versions of Yahoo! Messenger.

In order to exploit the bugs, hackers would need to establish a malicious web page in the yahoo.com domain, which might be done by methods such as a cross-site scripting vulnerability or by manipulating DNS resolution, security notification firm Secunia reports.

The vulnerabilities affect versions of Yahoo! Messenger 8.x prior to version 8.1.0.419, released late last week. Users are urged to upgrade.

More background can be found in security advisories from Yahoo! (here) and iDefense (here), the firm that discovered the bug.

Last month security researchers identified an even more serious bug - again involving a dodgy ActiveX control - that meant users were exposed to attack providing they accepted a webcam invite from a hacker.

Source : http://www.theregister.co.uk/

	Alert
BSD libc (strfmon) Multiple vulnerabilities - 2008-03-25 Maksymilian Arciemowicz discovered a Integer Overflow vulnerability in the libc library "strfmon()" function.A vulnerability could allow an attacker who successfully exploits this vulnerability to take control of the affected BSD systems.


	Apache
» Apache Tomcat <= 6.0.18 UTF8 Directory Traversal Vulnerability

» Apache Tomcat information disclosure vulnerability

» Apache Tomcat XSS vulnerability

» Apache-SSL memory disclosure



	PHP
» PHP 5.2.6 chdir(),ftok() (standard ext) safe_mode bypass

» PHP 5.2.6 posix_access() (posix ext) safe_mode bypass

» PHP 5.2.5 and prior : *printf() functions Integer Overflow

» PHP 5.2.5 cURL safe_mode bypass