medium
5.1
CWE
189 119 190
Advisory Published
Updated

CVE-2012-0268: Buffer Overflow

First published: Thu Jan 19 2012(Updated: )

Integer overflow in the CYImage::LoadJPG method in YImage.dll in Yahoo! Messenger before 11.5.0.155, when photo sharing is enabled, might allow remote attackers to execute arbitrary code via a crafted JPG image that triggers a heap-based buffer overflow.

Credit: PSIRT-CNA@flexerasoftware.com

Affected SoftwareAffected VersionHow to fix
Yahoo Messenger<=11.5.0.152
Yahoo Messenger=0.99.17-1
Yahoo Messenger=1.0
Yahoo Messenger=1.0.4
Yahoo Messenger=1.0.6
Yahoo Messenger=2.0.1.4
Yahoo Messenger=3.0
Yahoo Messenger=3.0.1
Yahoo Messenger=3.0.1-beta-35554
Yahoo Messenger=3.5
Yahoo Messenger=4.0
Yahoo Messenger=4.1
Yahoo Messenger=5.0
Yahoo Messenger=5.0.1046
Yahoo Messenger=5.0.1065
Yahoo Messenger=5.0.1232
Yahoo Messenger=5.5
Yahoo Messenger=5.5.1249
Yahoo Messenger=5.6
Yahoo Messenger=5.6.0.1347
Yahoo Messenger=5.6.0.1351
Yahoo Messenger=5.6.0.1355
Yahoo Messenger=5.6.0.1356
Yahoo Messenger=5.6.0.1358
Yahoo Messenger=6.0
Yahoo Messenger=6.0.0.1643
Yahoo Messenger=6.0.0.1750
Yahoo Messenger=6.0.0.1921
Yahoo Messenger=6.1
Yahoo Messenger=7.0
Yahoo Messenger=7.0.0.426
Yahoo Messenger=7.0.0.437
Yahoo Messenger=7.0.438
Yahoo Messenger=7.5
Yahoo Messenger=7.5.0.814
Yahoo Messenger=8.0
Yahoo Messenger=8.0.0.505
Yahoo Messenger=8.0.0.508
Yahoo Messenger=8.0.0.701
Yahoo Messenger=8.0.0.716
Yahoo Messenger=8.0.0.863
Yahoo Messenger=8.0.1
Yahoo Messenger=8.0_2005.1.1.4
Yahoo Messenger=8.1
Yahoo Messenger=8.1.0.195
Yahoo Messenger=8.1.0.209
Yahoo Messenger=8.1.0.239
Yahoo Messenger=8.1.0.244
Yahoo Messenger=8.1.0.249
Yahoo Messenger=8.1.0.401
Yahoo Messenger=8.1.0.402
Yahoo Messenger=8.1.0.413
Yahoo Messenger=8.1.0.416
Yahoo Messenger=8.1.0.419
Yahoo Messenger=8.1.0.421
Yahoo Messenger=9.0.0.797-beta
Yahoo Messenger=9.0.0.907-beta
Yahoo Messenger=9.0.0.922-beta
Yahoo Messenger=9.0.0.1389-beta
Yahoo Messenger=9.0.0.1912
Yahoo Messenger=9.0.0.2018
Yahoo Messenger=9.0.0.2034
Yahoo Messenger=9.0.0.2112
Yahoo Messenger=9.0.0.2123
Yahoo Messenger=9.0.0.2128
Yahoo Messenger=9.0.0.2133
Yahoo Messenger=9.0.0.2136
Yahoo Messenger=9.0.0.2152
Yahoo Messenger=9.0.0.2160
Yahoo Messenger=9.0.0.2161
Yahoo Messenger=9.0.0.2162
Yahoo Messenger=10.0.0.331-pre-alpha
Yahoo Messenger=10.0.0.525-beta
Yahoo Messenger=10.0.0.542-beta
Yahoo Messenger=10.0.0.1102
Yahoo Messenger=10.0.0.1241
Yahoo Messenger=10.0.0.1258
Yahoo Messenger=10.0.0.1264
Yahoo Messenger=10.0.0.1267
Yahoo Messenger=10.0.0.1270
Yahoo Messenger=11.0.0.1751
Yahoo Messenger=11.0.0.2009
Yahoo Messenger=11.0.0.2014

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203