ID CVE-2007-1680
Summary Stack-based buffer overflow in the createAndJoinConference function in the AudioConf ActiveX control (yacscom.dll) in Yahoo! Messenger before 20070313 allows remote attackers to execute arbitrary code via long (1) socksHostname and (2) hostname properties.
Vulnerable Configurations
  • cpe:2.3:a:yahoo:messenger:8.0:*:*:*:*:*:*:*
  • cpe:2.3:a:yahoo:messenger:8.0.0.863:*:*:*:*:*:*:*
  • cpe:2.3:a:yahoo:messenger:8.0_2005.1.1.4:*:*:*:*:*:*:*
  • cpe:2.3:a:yahoo:messenger:8.1.0.209:*:*:*:*:*:*:*
  • cpe:2.3:a:yahoo:messenger:8.1.0.239:*:*:*:*:*:*:*
CVSS
Base: 9.3 (as of 16-10-2018 - 16:40)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
Vector: NETWORK
Complexity: MEDIUM
Authentication: NONE
Impact
Confidentiality: COMPLETE
Integrity: COMPLETE
Availability: COMPLETE
cvss-vector via4 AV:N/AC:M/Au:N/C:C/I:C/A:C
refmap via4
bid 23291
bugtraq 20070403 ZDI-07-012: Yahoo! Messenger AudioConf ActiveX Control Buffer Overflow
cert-vn VU#388377
confirm http://messenger.yahoo.com/security_update.php?id=031207
misc http://www.zerodayinitiative.com/advisories/ZDI-07-012.html
osvdb 34319
sectrack 1017867
secunia 24742
sreason 2523
vupen ADV-2007-1219
xf yahoo-yahooaudioconf-activex-bo(33408)
saint via4
bid 23291
description Yahoo Messenger AudioConf ActiveX control buffer overflow
id misc_yahoomsgrver
osvdb 34319
title yahoo_messenger_audioconf
type client
Last major update 16-10-2018 - 16:40
Published 06-04-2007 - 01:19
Last modified 16-10-2018 - 16:40