 |
Name:
Yahoo!.Toolbar.URL.Shortcut.ActiveX.Control.Buffer
|
Released Date:
Feb 25 2008
|
Severity:
medium
|
CVE:
2007-6535
|
|
|
Bugtraq:
26956
|
|
|
|
|
FortiGuard Center
> Vulnerability Encyclopedia
In-Depth Analysis
|
Description
|
This indicates an attempt to exploit a buffer overflow vulnerability in Yahoo! Toolbar.
The vulnerability is caused by boundary errors within the YShortcut ActiveX control component of Yahoo! Toolbar. A remote attacker can exploit this vulnerability by enticing the target user to open a crafted webpage, potentially causing arbitrary code to be injected and executed in the security context of the current user.
|
|
|
|
Impact
|
|
System Compromise
|
|
|
|
Affected Products
|
|
Yahoo! Toolbar 1.4.1
|
|
Aliases
|
Yahoo!.Toolbar.URL.Shortcut.ActiveX.Control.Buffer.Overflow
|
|
References
|
http://www.securityfocus.com/bid/26956
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2007-6535
|
|
Recommended Actions
|
|
Currently we are not aware of any vendor supplied patch for this issue.
|
|
