Short Name | HTTP:STC:ACTIVEX:YAHOO-MSG |
---|---|
Severity | High |
Recommended | No |
Recommended Action | Drop |
Category | HTTP |
Keywords | Yahoo Messenger YahooBridgeLib.dll Unsafe ActiveX Control |
Release Date | 2012/12/03 |
Update Number | 2207 |
Supported Platforms | idp-4.0.110090709+, isg-3.1.134269+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |

This signature detects attempts to use unsafe ActiveX controls in the Yahoo Messenger YahooBridgeLib.dll. An attacker can create a malicious website containing pages with dangerous ActiveX controls which, if accessed by a victim, allow the attacker to gain control of the victim's client browser, resulting in user-level arbitrary code execution.

Yahoo! Messenger is prone to a denial-of-service vulnerability because of a NULL-pointer dereference error. A successful attack allows a remote attacker to crash the application that uses the ActiveX control (typically Internet Explorer), denying further service to legitimate users. Given the nature of this issue, the attacker may also be able to run arbitrary code, but this has not been confirmed. Yahoo! Messenger 9.0.0.2162 is vulnerable; other versions may also be affected.