MSMVPS.COM
The Ultimate Destination for Blogs by Current and Former Microsoft Most Valuable Professionals.

Yahoo! Messenger critical vulnerabilities

Yahoo! Webcam ActiveX Controls Multiple Buffer Overflows


"eEye Digital Security has discovered two critical vulnerabilities in ywcupl.dll (version 2.0.1.4) and ywcvwr.dll (version 2.0.1.4) included by default in all releases of Yahoo! Messenger 8.x. Ywcupl.dll is Yahoo's Webcam Upload ActiveX Control used by Yahoo! Messenger to stream content from a user's webcam to other users. Ywcvwr.dll is Yahoo! Messenger's Webcam Viewer ActiveX Control used to view any streamed content. These files are normally used only when viewing or streaming webcam content to and from Yahoo Messenger, but they are incorrectly marked safe for scripting and can be instantiated by any website. Furthermore they both fail to perform bounds checking on variables resulting in 2 stack-based buffer overflow conditions that could allow arbitrary code to execute in the context of the logged-in user."


eEye Digital Security: http://research.eeye.com/html/advisories/published/AD20070608.html

"Over the next several weeks, users worldwide will be prompted to update to a new version of Yahoo! Messenger upon signing into the service. If you choose not to update and you have not updated via this page or at messenger.yahoo.com, the vulnerability will still exist."

Yahoo!: http://messenger.yahoo.com/security_update.php?id=060707

Update now by installing the new version manually; you can download the latest version of Yahoo! Messenger from http://messenger.yahoo.com.
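To confirm whether a machine still carries the controls described in the advisory, the following PowerShell audit is an added example (not code from eEye, Yahoo! or the original post). It finds COM registrations backed by ywcupl.dll or ywcvwr.dll and reports the file version, the registry "safe for scripting" markings, and whether an Internet Explorer kill bit is set. The CLSIDs are discovered from the registry because the page does not list them, and the output field names are this example's own.

```powershell
# Added example: audit this host for the two webcam controls named in the advisory.
# DLL names and version 2.0.1.4 come from the advisory; CLSIDs are discovered at
# run time because the page does not list them.
$dllNames    = 'ywcupl.dll', 'ywcvwr.dll'
$advisoryVer = '2.0.1.4'
$safeScript  = '{7DD95801-9882-11CF-9FA9-00AA006C4EBD}'  # CATID_SafeForScripting
$safeInit    = '{7DD95802-9882-11CF-9FA9-00AA006C4EBD}'  # CATID_SafeForInitializing
$ieCompat    = 'Microsoft\Internet Explorer\ActiveX Compatibility'

# Native and 32-bit-on-64-bit registry views: CLSID root -> matching kill-bit root.
$views = @{
    'HKLM:\SOFTWARE\Classes\CLSID'             = "HKLM:\SOFTWARE\$ieCompat"
    'HKLM:\SOFTWARE\WOW6432Node\Classes\CLSID' = "HKLM:\SOFTWARE\WOW6432Node\$ieCompat"
}

foreach ($root in $views.Keys) {
    if (-not (Test-Path -LiteralPath $root)) { continue }
    foreach ($key in Get-ChildItem -LiteralPath $root -ErrorAction SilentlyContinue) {
        $inproc = $key.OpenSubKey('InprocServer32')
        if (-not $inproc) { continue }
        $dll = ([string]$inproc.GetValue('')).Trim('"')   # default value = server DLL path
        $inproc.Close()
        if (-not $dll) { continue }
        if ($dllNames -notcontains ($dll -split '\\')[-1].ToLower()) { continue }

        $clsid = $key.PSChildName
        # File version read from the binary itself, if it is still on disk.
        $ver = $null
        if (Test-Path -LiteralPath $dll) {
            $vi  = (Get-Item -LiteralPath $dll).VersionInfo
            $ver = '{0}.{1}.{2}.{3}' -f $vi.FileMajorPart, $vi.FileMinorPart,
                                         $vi.FileBuildPart, $vi.FilePrivatePart
        }
        # Registry safety markings. A control can also claim safety through
        # IObjectSafety, which a registry check cannot see.
        $cats     = $key.OpenSubKey('Implemented Categories')
        $catNames = if ($cats) { $cats.GetSubKeyNames() } else { @() }
        # Kill bit: 'Compatibility Flags' with 0x400 set stops IE loading the control.
        $compat = Get-ItemProperty -LiteralPath (Join-Path $views[$root] $clsid) -ErrorAction SilentlyContinue
        $flags  = $compat.'Compatibility Flags'
        [pscustomobject]@{
            Clsid = $clsid; Dll = $dll; FileVersion = $ver
            AdvisoryVersion  = ($ver -eq $advisoryVer)
            SafeForScripting = ($catNames -contains $safeScript)
            SafeForInit      = ($catNames -contains $safeInit)
            KillBitSet       = (($flags -band 0x400) -ne 0)
        }
    }
}
```

No output means neither DLL is registered as an in-process COM server on the host; a row with `AdvisoryVersion` true and `KillBitSet` false is the state the advisory describes.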


Posted Jun 08 2007, 05:10 PM by tashi

