This script is Copyright (C) 2012 Tenable Network Security, Inc.
The instant messaging application on the remote Windows host is
affected by an integer overflow vulnerability.
The version of Yahoo! Messenger installed on the remote host is
earlier than 126.96.36.199 and is reportedly affected by an integer
overflow. The error exists in the method 'CYImage::LoadJPG' in the
A remote attacker could execute arbitrary code by tricking a user into
accepting a crafted JPG image that triggers the overflow.
Note that the photo sharing functionality is not enabled by
Upgrade to Yahoo! Messenger version 188.8.131.52 or later.
Risk factor :
Medium / CVSS Base Score : 5.1
CVSS Temporal Score : 3.8
Public Exploit Available : false