Earlier today Karthik had blogged about details of a new zero day in Yahoo! Messenger being published on some security forums in China, we got a chance to dig a bit deeper into this and were able to reproduce the vulnerability on Yahoo! Messenger version 8.1.0.413 based on the information provided in the forum. It seems like a classic heap overflow which can be triggered when the victim accepts a webcam invite. Note that this vulnerability is different from the recently patched one in June which exploited the Yahoo! Webcam ActiveX controls. |
Thursday, August 16, 2007
More on the Yahoo! Messenger Webcam Zero-day
Subscribe to:
Post Comments (Atom)
1 comments:
Đã add blo bạn vô cộng dồng Việt Blogger
http://vietnam-blogger.com
Post a Comment