02-05-2008, 04:15 PM   #11
Clint7
Member (3 bit)
 
Join Date: Aug 2006
Posts: 6
Yahoo! Music Jukebox ActiveX Control Buffer Overflows

Description:
Some vulnerabilities have been discovered in Yahoo! Music Jukebox, which can be exploited by malicious people to compromise a user's system.

1) A boundary error in the YMP DataGrid ActiveX control (datagrid.dll) when handling arguments passed to the "AddImage()" and "AddButton()" methods can be exploited to cause a stack-based buffer overflow via an overly long argument.

2) A boundary error in the Yahoo! Mediagrid ActiveX control (mediagridax.dll) when handling arguments passed to the "AddBitmap()" method can be exploited to cause a stack-based buffer overflow via an overly long argument.

Successful exploitation allows execution of arbitrary code when a user e.g. visits a malicious website.

NOTE: Working exploit code is publicly available.

The vulnerabilities are confirmed in Yahoo! Music Jukebox version 2.2.2.056. Other versions may also be affected.

Solution:
Set the kill-bit for the affected ActiveX controls.

secunia.com/advisories/28757/
--
Wilders Security Forum Admin
Microsoft MVP
I found this on broadbandreports.com; please see what you think.
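One way to carry out the "set the kill-bit" step from the advisory quoted above, as an added example that is not part of the original post or the Secunia advisory. The post gives no CLSIDs, so the script finds them by looking for COM registrations whose in-process server is one of the two DLLs named in the advisory; the registry locations and the 0x400 flag are the standard Internet Explorer kill-bit mechanism, and only machine-wide (HKLM) registrations are assumed.

```powershell
param([switch]$Apply)  # report only unless -Apply is given (run elevated to write HKLM)

$dllNames = 'datagrid.dll', 'mediagridax.dll'   # file names taken from the advisory
$killBit  = 0x400                               # "Compatibility Flags" bit that stops IE loading a control
# CLSID registration root -> matching IE "ActiveX Compatibility" root (native and 32-bit views)
$views = @(
    @{ Clsid  = 'HKLM:\SOFTWARE\Classes\CLSID'
       Compat = 'HKLM:\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility' },
    @{ Clsid  = 'HKLM:\SOFTWARE\Classes\WOW6432Node\CLSID'
       Compat = 'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ActiveX Compatibility' }
)

foreach ($view in $views) {
    if (-not (Test-Path $view.Clsid)) { continue }   # 32-bit view is absent on 32-bit Windows
    foreach ($k in Get-ChildItem $view.Clsid -ErrorAction SilentlyContinue) {
        try { $srv = $k.OpenSubKey('InprocServer32') } catch { continue }
        if ($null -eq $srv) { continue }
        $dll = [string]$srv.GetValue('')             # default value = path of the in-process server
        $srv.Close()
        if (-not $dll) { continue }
        $leaf = ($dll.Trim('"') -split '\\')[-1]     # file name without quotes or directory
        if ($dllNames -notcontains $leaf) { continue }

        $flagKey = Join-Path $view.Compat $k.PSChildName
        $current = 0
        if (Test-Path $flagKey) {
            $p = Get-ItemProperty -Path $flagKey -Name 'Compatibility Flags' -ErrorAction SilentlyContinue
            if ($p) { $current = [int]$p.'Compatibility Flags' }
        }
        $blocked = ($current -band $killBit) -ne 0
        if ($Apply -and -not $blocked) {
            if (-not (Test-Path $flagKey)) { New-Item -Path $flagKey -Force | Out-Null }
            # Preserve any flags already present and add the kill-bit
            Set-ItemProperty -Path $flagKey -Name 'Compatibility Flags' -Type DWord -Value ($current -bor $killBit)
            $blocked = $true
        }
        # Print the full DLL path: "datagrid.dll" is a generic name, so confirm it is the Yahoo! one.
        [pscustomobject]@{ CLSID = $k.PSChildName; Dll = $dll; KillBitSet = $blocked }
    }
}
```

Run it once without `-Apply` to review the matched CLSIDs and DLL paths, then again with `-Apply` from an elevated prompt.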