Summary
This host is installed with Yahoo! Messenger and is prone to Denial of Service Vulnerability.
Impact
Successful exploitation will allow remote attackers to cause Denial of Service condition on the affected applicaion.
Impact Level: Application
Solution
Upgrade to Yahoo! Messenger version 10.0.0.1270 or later For updates refer to http://messenger.yahoo.com/download/
Insight
The flaw is due to a NULL pointer dereference error in 'RegisterMe()' method in 'YahooBridgeLib.dll', which can be exploited by causing victim to visit a specially crafted Web page.
Affected
Yahoo! Messenger version 9.x to 9.0.0.2162 on Windows.
References
Severity
Classification
-
CVE CVE-2009-4171 -
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:N/I:N/A:P
Related Vulnerabilities
- AVG Anti-Virus UPX Processing Denial of Service Vulnerability
- chm2pdf Insecure Temporary File Creation or DoS Vulnerability
- Firefox Browser Libxul Memory Leak Remote DoS Vulnerability - Linux
- ClamAV Prior to 0.96.5 Multiple Vulnerabilities
- Ciscokits TFTP Server Long Filename Denial Of Service Vulnerability