Buffer Overflow Vulnerability Found in Yahoo! Messenger 8.1
by Russell Shaw
Insecure.org has posted a buffer overflow security advisory for the Address Book component of Yahoo! Messenger 8.1.
Because Yahoo! Messenger is used on mobile devices as well as PCs, I thought you would want to know about this.
According to the advisory:
A buffer overflow vulnerability is discovered in the Yahoo! Messenger for Microsoft Windows. Buffer overflow occurs when Yahoo! Messenger loads a specially crafted address book entry.
The advisory goes on to say that the issue arises when you:
Create a address book entry using yahoo portal with large amount of ‘a’ in “email address” textbox.
Login to Yahoo messenger.
Go to address book tab in Yahoo Messenger, and
Place your mouse over the specially crafted address book entry
When you do this, states the advisory, Yahoo Messenger will immediately crash.
The vulnerability is further exploited when an address book is sent to the victim with specially crafted address, and as the advisory puts it, the sender “social engineer (s) the victim to place mouse over the imported address.
Not cool in so many ways.
As to the technical reason for this not being cool, well:
“Successful exploitation may allows execution of arbitrary code with Privilege of currently log users.”
