Site icon Panda Security Mediacenter

Critical Bugs Discovered In Yahoo Messenger and Microsoft GDI+

Three new vulnerabilites have been make publicly this week. Two for Yahoo Messenger Webcam ActiveX and one for Microsoft GDI+

Yahoo! Messenger Webcam Upload ActiveX Control Buffer Overflow

Security company eEye Digital Security has discovered two vulnerabilities for Yahoo’s instant messenger client software that were reported to Yahoo. The bugs are critical because allow remote [code] execution. Yahoo gave them its highest security threat rating.
The vulnerable control is part of the code for Webcam image upload and viewing (ywcupl.dll). Yahoo is working in a patch, nevertheless two publicly available exploits have been submited to Bugtraq and Full-Disclousre mailing lists. We think it willl be actively exploited by malware in a few days.
The PoC’s are inoffensive (execution of calc.exe) but it would be very easy to add  a more dangerous shellcodes.
Yahoo! Messenger version 8.1.0.249, incorporating ywcupl.dll version 2.0.1.4 is vulnerable. This vulnerability is currently unpatched.

Microsoft GDI+ Integer division by zero flaw handling .ICO files

CSIS Security group has found an “integer division by zero” flaw in GDI+ when parsing .ICO files. The vulnerability doesn’t allow remote code execution but it allow to crash Windows Explorer and other components like “Windows Picture and Fax Viewer”. The flaw was reported to Microsof and MSRC confirmed the vulnerability. It will be fixed in next Service Pack. The full advisory can be downloaded  at the following link: http://www.csis.dk/dk/forside/GdiPlus.pdf

Exit mobile version