CVE-2012-0268

Severity

51%

Complexity

49%

Confidentiality

106%

Integer overflow in the CYImage::LoadJPG method in YImage.dll in Yahoo! Messenger before 11.5.0.155, when photo sharing is enabled, might allow remote attackers to execute arbitrary code via a crafted JPG image that triggers a heap-based buffer overflow.

Integer overflow in the CYImage::LoadJPG method in YImage.dll in Yahoo! Messenger before 11.5.0.155, when photo sharing is enabled, might allow remote attackers to execute arbitrary code via a crafted JPG image that triggers a heap-based buffer overflow.

CVSS 2.0 Base Score 5.1. CVSS Attack Vector: network. CVSS Attack Complexity: high. CVSS Vector: (AV:N/AC:H/Au:N/C:P/I:P/A:P).

Overview

Type

Yahoo

First reported 13 years ago

2012-01-19 15:55:00

Last updated 13 years ago

2012-01-23 05:00:00

Affected Software

Yahoo Messenger 0.99.17-1

0.99.17-1

Yahoo Messenger 1.0

1.0

Yahoo Messenger 1.0.4

1.0.4

Yahoo Messenger 1.0.6

1.0.6

Yahoo Yahoo Webcam ActiveX Control 2.0.1.4

2.0.1.4

Yahoo Messenger 3.0

3.0

Yahoo Messenger 3.0.1

3.0.1

Yahoo Messenger 3.0.1 Beta build 35554

3.0.1

Yahoo Messenger 3.5

3.5

Yahoo Messenger 4.0

4.0

Yahoo Messenger 4.1

4.1

Yahoo Messenger 5.0

5.0

Yahoo!メッセンジャー 5.0.1046

5.0.1046

Yahoo Messenger 5.0.1065

5.0.1065

Yahoo Messenger 5.0.1232

5.0.1232

Yahoo!メッセンジャー 5.5

5.5

Yahoo Messenger 5.5.1249

5.5.1249

Yahoo!メッセンジャー 5.6

5.6

Yahoo Messenger 5.6.0.1347

5.6.0.1347

Yahoo!メッセンジャー 5.6.0.1351

5.6.0.1351

Yahoo!メッセンジャー 5.6.0.1355

5.6.0.1355

Yahoo Messenger 5.6.0.1356

5.6.0.1356

Yahoo Messenger 5.6.0.1358

5.6.0.1358

Yahoo!メッセンジャー 6.0

6.0

Yahoo Messenger 6.0.0.1643

6.0.0.1643

Yahoo Messenger 6.0.0.1750

6.0.0.1750

Yahoo!メッセンジャー 6.0.0.1921

6.0.0.1921

Yahoo Messenger 6.1

6.1

Yahoo!メッセンジャー 7.0

7.0

Yahoo Messenger 7.0.0.426

7.0.0.426

Yahoo Messenger 7.0.0.437

7.0.0.437

Yahoo Messenger 7.0.438

7.0.438

Yahoo Messenger 7.5

7.5

Yahoo!メッセンジャー 7.5.0.814

7.5.0.814

Yahoo!メッセンジャー 8.0

8.0

Yahoo Messenger 8.0.0.505

8.0.0.505

Yahoo Messenger 8.0.0.508

8.0.0.508

Yahoo Messenger 8.0.0.701

8.0.0.701

Yahoo Messenger 8.0.0.716

8.0.0.716

Yahoo!メッセンジャー 8.0.0.863

8.0.0.863

Yahoo Messenger 8.0.1

8.0.1

Yahoo Messenger 8.0_2005.1.1.4

8.0_2005.1.1.4

Yahoo Messenger 8.1

8.1

Yahoo Messenger 8.1.0.195

8.1.0.195

Yahoo!メッセンジャー 8.1.0.209

8.1.0.209

Yahoo Messenger 8.1.0.239

8.1.0.239

Yahoo Messenger 8.1.0.244

8.1.0.244

Yahoo!メッセンジャー 8.1.0.249

8.1.0.249

Yahoo Messenger 8.1.0.401

8.1.0.401

Yahoo!メッセンジャー 8.1.0.402

8.1.0.402

Yahoo Messenger 8.1.0.413

8.1.0.413

Yahoo Messenger 8.1.0.416

8.1.0.416

Yahoo Messenger 8.1.0.419

8.1.0.419

Yahoo!メッセンジャー 8.1.0.421

8.1.0.421

Yahoo Messenger 9.0.0.797 Beta

9.0.0.797

Yahoo Messenger 9.0.0.907 Beta

9.0.0.907

Yahoo Messenger 9.0.0.922 Beta

9.0.0.922

Yahoo Messenger 9.0.0.1389 Beta

9.0.0.1389

Yahoo Messenger 9.0.0.1912

9.0.0.1912

Yahoo Messenger 9.0.0.2018

9.0.0.2018

Yahoo Messenger 9.0.0.2034

9.0.0.2034

Yahoo Messenger 9.0.0.2112

9.0.0.2112

Yahoo Messenger 9.0.0.2123

9.0.0.2123

Yahoo Messenger 9.0.0.2128

9.0.0.2128

Yahoo Messenger 9.0.0.2133

9.0.0.2133

Yahoo Messenger 9.0.0.2136

9.0.0.2136

Yahoo Messenger 9.0.0.2152

9.0.0.2152

Yahoo Messenger 9.0.0.2160

9.0.0.2160

Yahoo Messenger 9.0.0.2161

9.0.0.2161

Yahoo Messenger 9.0.0.2162

9.0.0.2162

Yahoo Messenger 10.0.0.331 Pre-Alpha

10.0.0.331

Yahoo Messenger 10.0.0.525 Beta

10.0.0.525

Yahoo Messenger 10.0.0.542 Beta

10.0.0.542

Yahoo Messenger 10.0.0.1102

10.0.0.1102

Yahoo Messenger 10.0.0.1241

10.0.0.1241

Yahoo Messenger 10.0.0.1258

10.0.0.1258

Yahoo Messenger 10.0.0.1264

10.0.0.1264

Yahoo Messenger 10.0.0.1267

10.0.0.1267

Yahoo Messenger 10.0.0.1270

10.0.0.1270

Yahoo Messenger 11.0.0.1751

11.0.0.1751

Yahoo Messenger 11.0.0.2009

11.0.0.2009

Yahoo Messenger 11.0.0.2014

11.0.0.2014

Yahoo Messenger

References

47041

Vendor Advisory

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.