Credit:
The information has been provided by iDefense.
The original article can be found at: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=456
Vulnerable Systems:
* Yahoo Instant Messenger version 8.0
* Yahoo Instant Messenger version 7.5
* Previous versions are suspected vulnerable as well.
This vulnerability can be triggered by a malicious website. Users would be required to have a vulnerable version of the target software installed and be lured to a malicious site.
The vulnerability specifically lies within the following ActiveX control:
ProgID: YMMAPI.YMailAttach
Clsid: AA218328-0EA8-4D70-8972-E987A9190FF4
File: C:\PROGRA~1\YAHOO!\COMMON\ymmapi.dll
Version: 2004.11.23.1
The overflow is triggered by setting the TextETACalculating property to an overly long string.
Vendor Status:
Yahoo has addressed this vulnerability within version 2005.1.1.4 of their Messenger product.
This version sets the kill bit for the affected control.
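The following PowerShell script is an added example for administrators and is not part of the iDefense advisory or of Yahoo's fix. It checks whether the kill bit (Compatibility Flags 0x400 under the Internet Explorer "ActiveX Compatibility" key) is set for the CLSID listed above, reports whether the control is still registered and which ymmapi.dll version is installed, and can set the kill bit itself on systems that cannot be upgraded. The CLSID and file path come from this advisory; the registry locations and flag value are the documented IE kill-bit mechanism. Checking the Wow6432Node view as well is an assumption that covers 32-bit controls on 64-bit Windows.

```powershell
# Added example (not from the advisory): audit or apply the kill bit for YMMAPI.YMailAttach.
# CLSID and DLL path are taken from the advisory; 0x400 is the documented IE kill-bit flag.
$Clsid       = '{AA218328-0EA8-4D70-8972-E987A9190FF4}'
$KillBitFlag = 0x400
$DllPath     = 'C:\PROGRA~1\YAHOO!\COMMON\ymmapi.dll'   # path as listed in the advisory
$Views       = @('SOFTWARE', 'SOFTWARE\Wow6432Node')    # assumption: also cover the 32-bit view on x64

function Get-YMailAttachKillBit {
    # Returns one object per registry view with the current Compatibility Flags and kill-bit state.
    foreach ($view in $Views) {
        $key   = "HKLM:\$view\Microsoft\Internet Explorer\ActiveX Compatibility\$Clsid"
        $flags = $null
        if (Test-Path $key) {
            $flags = (Get-ItemProperty -Path $key -Name 'Compatibility Flags' -ErrorAction SilentlyContinue).'Compatibility Flags'
        }
        [pscustomobject]@{
            View    = $view
            Flags   = $flags
            KillBit = ($null -ne $flags) -and (($flags -band $KillBitFlag) -eq $KillBitFlag)
        }
    }
}

function Get-YMailAttachRegistration {
    # Reports whether the control is still registered and which DLL version is on disk.
    $registered = Test-Path "Registry::HKEY_CLASSES_ROOT\CLSID\$Clsid"
    $version    = $null
    if (Test-Path $DllPath) {
        $version = (Get-Item $DllPath).VersionInfo.FileVersion
    }
    [pscustomobject]@{
        Registered  = $registered
        DllPresent  = (Test-Path $DllPath)
        DllVersion  = $version   # advisory lists 2004.11.23.1 as the vulnerable build
    }
}

function Set-YMailAttachKillBit {
    # Sets the kill bit in every view, preserving any flags already present. Requires an elevated shell.
    foreach ($view in $Views) {
        $key = "HKLM:\$view\Microsoft\Internet Explorer\ActiveX Compatibility\$Clsid"
        if (-not (Test-Path $key)) { New-Item -Path $key -Force | Out-Null }
        $current = (Get-ItemProperty -Path $key -Name 'Compatibility Flags' -ErrorAction SilentlyContinue).'Compatibility Flags'
        if ($null -eq $current) { $current = 0 }
        Set-ItemProperty -Path $key -Name 'Compatibility Flags' -Value ($current -bor $KillBitFlag) -Type DWord
    }
}

# Audit only; uncomment the last line to apply the kill bit.
Get-YMailAttachRegistration | Format-List
Get-YMailAttachKillBit      | Format-Table -AutoSize
# Set-YMailAttachKillBit
```

The flags value is OR-ed rather than overwritten so that any other compatibility flags Internet Explorer already has for the control are preserved; after running the setter, re-run the audit (KillBit should read True in each view) and note that the kill bit only blocks instantiation from Internet Explorer and other hosts that honour it, while upgrading Messenger to 2005.1.1.4 or later removes the vulnerable control itself.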
CVE Information:
CVE-2006-6603
Disclosure Timeline:
* 10/26/2006 - Initial vendor notification
* 12/15/2006 - Initial vendor response
* 12/15/2006 - Coordinated public disclosure