Yahoo! Messenger "YMailAttach" ActiveX Control Remote Code Execution Vulnerability
A vulnerability has been identified in Yahoo! Messenger, which could be exploited by attackers to take complete control of an affected system. This flaw is due to a buffer overflow error in the "YMMAPI.YMailAttach" (ymmapi.dll) ActiveX control when handling malformed arguments passed to certain methods, which could be exploited by remote attackers to execute arbitrary commands by tricking a user into visiting a specially crafted web page.

Affected Products

Yahoo! Messenger versions 8.x and prior

Solution

Upgrade to the latest version :
http://messenger.yahoo.com/download.php
더보기

댓글,