Yahoo! Messenger Message Field Remote Overflow
High Nessus Network Monitor Plugin ID 1266
SynopsisThe remote host is vulnerable to a buffer overflow
DescriptionThe remote host is running Yahoo Instant Messenger. Version 5.0 of instant messenger contains a buffer overflow that may be exploited by a remote attacker by sending a message with an overly large message field. An attacker would have to craft a message of this type as Yahoo clients do not limit the size of messages sent. Exploitation of this vulnerability may allow for the execution of arbitrary code on the victim's computer.
SolutionUpgrade to the latest version of Yahoo Instant Messenger.