VID |
28188 |
Severity |
40 |
Port |
139,445 |
Protocol |
TCP |
Class |
SMB |
Detailed Description |
The YMailAttach ActiveX control in Yahoo Messenger is vulnerable to a buffer overflow. Yahoo Messenger is an instant messaging application that includes several ActiveX controls. The YMailAttach ActiveX control in Yahoo! Messenger, which is provided by ymmapi.dll, contains a buffer overflow in versions prior to 2005.1.1.4 that could allow a remote attacker to execute arbitrary code. By convincing a user to view a specially crafted HTML document (e.g., a web page or an HTML email message or attachment), an attacker could execute arbitrary code with the privileges of the user. The attacker could also cause Internet Explorer (or the program using the WebBrowser control) to crash.
* Note: This check requires an account with administrative privileges that can log into the host being scanned. If these conditions are not met, the check is not performed, which results in a false negative for all vulnerable hosts.
* References:
  http://messenger.yahoo.com/security_update.php?id=120806
  http://www.frsirt.com/english/advisories/2006/5016
  http://www.kb.cert.org/vuls/id/901852
  http://securitytracker.com/id?1017387
  http://secunia.com/advisories/23401
* Platforms Affected: Yahoo! Messenger version 8.x and earlier versions; Microsoft Windows, any version |
Recommendation |
Update to the latest version of Yahoo Messenger, as specified in the Yahoo Security Update 12/8/06 at http://messenger.yahoo.com/security_update.php?id=120806 |
Related URL |
CVE-2006-6603 (CVE) |
Related URL |
21607 (SecurityFocus) |
Related URL |
30899 (ISS) |
|