Yahoo! Messenger < 11.5.0.155 CYImage::LoadJPG Method JPG File Handling Remote Integer Overflow

medium Nessus Plugin ID 58000

Synopsis

The instant messaging application on the remote Windows host is affected by an integer overflow vulnerability.

Description

The version of Yahoo! Messenger installed on the remote host is earlier than 11.5.0.155 and is reportedly affected by an integer overflow. The error exists in the method 'CYImage::LoadJPG' in the file 'YImage.dll'.

A remote attacker could execute arbitrary code by tricking a user into accepting a crafted JPG image that triggers the overflow.

Note that the photo sharing functionality is not enabled by default.

Solution

Upgrade to Yahoo! Messenger version 11.5.0.155 or later.

Plugin Details

Severity: Medium

ID: 58000

File Name: yahoo_msgr_11_5_0_155.nasl

Version: 1.4

Type: local

Agent: windows

Family: Windows

Published: 2/17/2012

Updated: 8/7/2018

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: Medium

Base Score: 5.1

Temporal Score: 3.8

Vector: CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P

Vulnerability Information

CPE: cpe:/a:yahoo:messenger

Required KB Items: SMB/Yahoo/Messenger/Version

Exploit Ease: No known exploits are available

Patch Publication Date: 1/12/2012

Vulnerability Publication Date: 1/13/2012

Reference Information

CVE: CVE-2012-0268

BID: 51405

Secunia: 47041