icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons_061

Yahoo! Messenger ymsgr Protocol Multiple Function Overflow

High

Synopsis

The remote host is vulnerable to a buffer overflow

Description

The remote host is running a version of Yahoo Instant Messenger that is vulnerable to multiple buffer overflows in the code that processes URLs of the type "ymsgr:". By supplying a specially crafted URL a remote attacker can exploit this vulnerability to execute arbitrary code on the client's machine.

Solution

Upgrade to the latest version of Yahoo Instant Messenger.