Page 2 of 33 results (0.007 seconds)

CVSS: 9.3EPSS: 87%CPEs: 1EXPL: 2

Buffer overflow in a certain ActiveX control in YVerInfo.dll before 2007.8.27.1 in the Yahoo! services suite for Yahoo! Messenger before 8.1.0.419 allows remote attackers to execute arbitrary code via unspecified vectors involving arguments to the (1) fvCom and (2) info methods. NOTE: some of these details are obtained from third party information. Un desbordamiento de búfer en cierto control ActiveX en YVerInfo.dll versiones anteriores a 2007.8.27.1 en la conjunto de servicios para Yahoo! • https://www.exploit-db.com/exploits/16522 https://www.exploit-db.com/exploits/4351 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=591 http://messenger.yahoo.com/security_update.php?id=082907 http://osvdb.org/37739 http://secunia.com/advisories/26579 http://securityreason.com/securityalert/3083 http://securitytracker.com/id?1018628 http://www.securityfocus.com/bid/25494 http://www.vupen.com/english/advisories/2007/3011 https://exchange.xforce.ibmcloud.com/vuln • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 9.3EPSS: 7%CPEs: 1EXPL: 2

Heap-based buffer overflow in Kakadu kdu_v32m.dll in Yahoo! Messenger 8.1.0.413 allows remote attackers to cause a denial of service (application crash) via a certain length field in JPEG2000 data, as demonstrated by sending an "invite to view my webcam" request, and then injecting a DLL into the attacker's peer Yahoo! Messenger application when this request is accepted. Desbordamiento de búfer basado en pila en Kakadu kdu_v32m.dll in Yahoo! Messenger 8.1.0.413 permite a atacantes remotos provocar denegación de servicio (caida de aplicación)a través de ciertas longitudes de campo en los datos JPEG2000, como se demostró con el envío de una respuesta a "una invitación para ver mi webcam", y su posterior inyección de una DLL dentro de la aplicación Yahoo! • https://www.exploit-db.com/exploits/30500 https://www.exploit-db.com/exploits/4335 http://osvdb.org/38221 http://secunia.com/advisories/26501 http://www.avertlabs.com/research/blog/index.php/2007/08/15/more-on-the-yahoo-messenger-webcam-0day http://www.kb.cert.org/vuls/id/515968 http://www.securityfocus.com/bid/25330 http://www.securitytracker.com/id?1018586 http://www.team509.com/expyahoo.rar http://www.vupen.com/english/advisories/2007/2917 https://exchan • CWE-20: Improper Input Validation CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 7.6EPSS: 8%CPEs: 1EXPL: 0

Buffer overflow in Yahoo! Messenger 8.1 allows user-assisted remote authenticated users to execute arbitrary code via a long e-mail address in an address book entry. NOTE: this might overlap CVE-2007-3638. Desbordamiento de búfer en Yahoo! Messenger 8.1 permite a atacantes remotos con la complicidad del usuario ejecutar código de su elección mediante una dirección larga de correo electrónico en una entrada de la libreta de direcciones. NOTA: Esto podría solaparse con CVE-2007-3638. • http://lists.grok.org.uk/pipermail/full-disclosure/2007-July/064669.html http://secunia.com/advisories/26066 http://securityreason.com/securityalert/2906 http://www.securityfocus.com/bid/24926 http://www.securitytracker.com/id?1018398 http://www.xdisclose.com/advisory/XD100002.html https://exchange.xforce.ibmcloud.com/vulnerabilities/35434 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 6.0EPSS: 0%CPEs: 1EXPL: 1

Buffer overflow in Yahoo! Messenger 8.1 allows user-assisted remote authenticated users, who are listed in an address book, to execute arbitrary code via unspecified vectors, aka ZD-00000005. NOTE: this information is based upon a vague advisory by a vulnerability information sales organization that does not coordinate with vendors or release actionable advisories. A CVE has been assigned for tracking purposes, but duplicates with other CVEs are difficult to determine. Un desbordamiento de búfer en Yahoo! • https://www.exploit-db.com/exploits/30314 http://www.securityfocus.com/bid/24784 http://www.wslabi.com/wabisabilabi/initPublishedBid.do? • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 9.3EPSS: 95%CPEs: 6EXPL: 5

Buffer overflow in the Yahoo! Webcam Upload ActiveX control in ywcupl.dll 2.0.1.4 for Yahoo! Messenger 8.1.0.249 allows remote attackers to execute arbitrary code via a long server property value to the send method. NOTE: some of these details are obtained from third party information. Desbordamiento de búfer en el control Yahoo! • https://www.exploit-db.com/exploits/16519 https://www.exploit-db.com/exploits/4042 https://www.exploit-db.com/exploits/4053 http://lists.grok.org.uk/pipermail/full-disclosure/2007-June/063817.html http://messenger.yahoo.com/security_update.php?id=060707 http://research.eeye.com/html/advisories/published/AD20070608.html http://research.eeye.com/html/advisories/upcoming/20070605.html http://secunia.com/advisories/25547 http://securityreason.com/securityalert/2809 http://securitytracker. • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •