Information Security all in one place!

Posts tagged “Instant messaging

Yahoo! Messenger v11.5 – Buffer Overflow Vulnerability


Yahoo! Messenger v11.5 – Buffer Overflow Vulnerability

Severity: High         Risk: High

Area of Impact: Drag & Drop – Message Box

Details of the Vulnerability:

Yahoo! Messenger Icon

Image via Wikipedia

A Buffer Overflow vulnerability has been detected on Yahoo Instant Messenger v11.5 client software.
The bug is located on the drag & drop message box function of the software when processing special crafted file transfers.
The vulnerability allows an local attacker to crash the software & all bound yahoo components.

Thus creating the buffer overflow

Proof of Concept: Testing purposes only!!

This vulnerability can be exploited by security enthusiasts. More details can be found here:

http://www.vulnerability-lab.com/get_content.php?id=432  
****The information provided in this advisory is provided as it is without any warranty.

Hack in Progress: Watch the vulnerability in action

No report from Yahoo as of yet. We will keep you posted on all the details.

Advertisements

Popular Chat Client Bashed; New AIM Privacy Issues


AOLs AIM Upgrade not recommended, says the Electronic Frontier Foundations (EFF), read the AIM-Post for the breaking blog news and the story and details from AIM-Threat-Post links.

 

EFF_logo_white

Blogged First: http://tinyurl.com/AIM-Post

EFF Story: http://tinyurl.com/AIM-Threat-Post