Computer Security Research - McAfee Labs Blog

Potential Yahoo Messenger Zero-Day

Tuesday August 14, 2007 at 7:00 am CST
Posted by Karthik Raman

A post on a Chinese-language security forum claims that there is a zero-day vulnerability in Yahoo Messenger. Researchers at Avert Labs have found that this flaw may allow for user-assisted remote-code execution attacks. No code exploiting this flaw has been published yet.

We’re currently working with Yahoo to be able to confirm or deny that this is a zero-day.

We’ll keep you updated.

This entry was posted on Tuesday, August 14th, 2007 at 07:00 and is filed under Exploit Research, Vulnerability Research, Zero-Day. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

3 Responses to “Potential Yahoo Messenger Zero-Day”

Scott Blomquist Says:
August 15th, 2007 at 09:42
Hi Karthik,
Good work, luckily nobody here runs any webcams.
Hope everything is going well and you’ve had some time to enjoy the summer.

Scott
Yahoo! Coder’s Cookbook » The Yahoo! Messenger Zero-day for the Month of August Says:
August 22nd, 2008 at 13:44
[...] overflow in the webcam component. The news was apparently first exposed my McAfee in a blog post at http://www.avertlabs.com/research/blog/index.php/2007/08/14/potential-yahoo-messenger-zero-day/. A second post at [...]
Possible Zero-Day Problem for YM (UPDATED) | The BLIPS Network Says:
July 27th, 2009 at 23:23
[...] up for Yahoo! Messenger users. McAfee Avert Labs Blog reports about a potential zero-day vulnerability for your favorite instant messenger. While no exploit is known or is in the wild, it always pays to [...]

Potential Yahoo Messenger Zero-Day

3 Responses to “Potential Yahoo Messenger Zero-Day”

Leave a Reply

Archives

Categories