{"vuid":"VU#272644","idnumber":"272644","name":"Yahoo! Audio Conferencing ActiveX control vulnerable to buffer overflow","keywords":["Yahoo!","Voice Chat","ActiveX control"],"overview":"A remotely exploitable buffer overflow vulnerability has been discovered in the Yahoo! Audio Conferencing ActiveX control.","clean_desc":"The Yahoo! Audio Conferencing ActiveX control is used in the web-based Yahoo! Chat service, as well as in the Win32 Yahoo! Messenger application. There is a remotely exploitable buffer overflow in this ActiveX control that could allow a remote attacker to take various unauthorized actions. In order to exploit this vulnerability, the attacker would need to convince the victim to view malicious HTML (a web page, for example).","impact":"Various impacts are well summarized in the documentation issued by Yahoo! Inc. in response to this vulnerability: Some common impacts of a buffer overflow might include being involuntarily logged out of a Chat and/or Messenger session, the crash of an application such as Internet Explorer, and in some instances, the introduction of executable code.","resolution":"Update your Yahoo! Audio Conferencing ActiveX control. For detailed instructions, please see the Yahoo! Audio Conferencing Update web page.","workarounds":"","sysaffected":"","thanks":"This vulnerability was discovered by Cesar <sqlsec@yahoo.com>.","author":"This document was written by Ian A Finlay.","public":["http://chat.yahoo.com","http://messenger.yahoo.com/","http://www.securityfocus.com/bid/7561","http://zdnet.com.com/2100-1105_2-1011847.html","http://help.yahoo.com/help/us/mesg/use/use-45.html","http://silicon.com/news/500019-500013/1/4440.html","http://www.businessweek.com/technology/cnet/stories/1011847.htm","http://lists.netsys.com/pipermail/full-disclosure/2003-June/009944.html"],"cveids":[""],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2003-05-22T14:57:55Z","publicdate":"2003-05-12T00:00:00Z","datefirstpublished":"2003-06-02T18:19:45Z","dateupdated":"2003-06-02T18:53:02Z","revision":17,"vrda_d1_directreport":"","vrda_d1_population":"","vrda_d1_impact":"","cam_widelyknown":"15","cam_exploitation":"0","cam_internetinfrastructure":"5","cam_population":"10","cam_impact":"20","cam_easeofexploitation":"2","cam_attackeraccessrequired":"20","cam_scorecurrent":"3","cam_scorecurrentwidelyknown":"3.75","cam_scorecurrentwidelyknownexploited":"6.75","ipprotocol":"","cvss_accessvector":"","cvss_accesscomplexity":"","cvss_authentication":null,"cvss_confidentialityimpact":"","cvss_integrityimpact":"","cvss_availabilityimpact":"","cvss_exploitablity":null,"cvss_remediationlevel":"","cvss_reportconfidence":"","cvss_collateraldamagepotential":"","cvss_targetdistribution":"","cvss_securityrequirementscr":"","cvss_securityrequirementsir":"","cvss_securityrequirementsar":"","cvss_basescore":"","cvss_basevector":"","cvss_temporalscore":"","cvss_environmentalscore":"","cvss_environmentalvector":"","metric":3.0,"vulnote":null}