Yahoo! Messenger! multiple! vulns!

By Thomas C Greene in Washington
Posted: 28/05/2002 at 09:08 GMT

There are two new Yahoo Instant Messenger (YIM) vulnerabilities which can potentially compromise a user's machine, Vietnamese researcher Phuong Nguyen has discovered. Yahoo! has been notified and a fixed version is available for download here.

First up, an unchecked buffer which enables any URL beginning with 'ymsgr:' to call ypager.exe, crash it and run malicious code if the messenger is integrated with the browser. All that's needed is 268 bytes to overflow the buffer, and exploit code can be loaded with the user's level of privilege. The 'call', 'sendim', 'getimv', 'chat', 'addview' and 'addfriend' function calls can be exploited, Nguyen says.

Read more here: http://www.theregister.co.uk/content/55/25466.html

Other references:
http://nl2.vnunet.com/News/1132167
http://news.com.com/2100-1023-923638.html
http://zdnet.com.com/2100-1105-923683.html

© 2002, Situation Publishing. All rights reserved. Partial Article Reposted with Permission.
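The over-long 'ymsgr:' URLs described in the article can be searched for in saved pages, mail bodies or proxy logs. The following is an added example, not part of the original article or any vendor tooling. It assumes the URI shape `ymsgr:<function>?<argument>` and that the 268-byte figure applies to the bytes following the scheme; the sample input is constructed.

```python
import re
from urllib.parse import unquote_to_bytes

# Function names the article lists as exploitable.
LISTED_FUNCTIONS = {"call", "sendim", "getimv", "chat", "addview", "addfriend"}
# Byte count the article gives as enough to overflow the buffer.
OVERFLOW_BYTES = 268

# Assumed shape: ymsgr:<function>?<argument>. The URI is taken to end at
# whitespace, a quote or an angle bracket (typical HTML attribute context).
YMSGR_RE = re.compile(r"ymsgr:([A-Za-z]*)([^\s\"'<>]*)", re.IGNORECASE)

def find_suspicious_ymsgr(text):
    """Return one finding per ymsgr: URI whose body reaches OVERFLOW_BYTES."""
    findings = []
    for m in YMSGR_RE.finditer(text):
        function = m.group(1).lower()
        body = m.group(1) + m.group(2)
        raw_bytes = len(body.encode("utf-8"))
        # Percent-decoded length is reported for triage. Whether the handler
        # decodes before copying is not stated in the article, so the flag is
        # raised on the raw length, which is never smaller than the decoded one.
        decoded_bytes = len(unquote_to_bytes(body))
        if raw_bytes >= OVERFLOW_BYTES:
            findings.append({
                "offset": m.start(),
                "function": function,
                "listed": function in LISTED_FUNCTIONS,
                "raw_bytes": raw_bytes,
                "decoded_bytes": decoded_bytes,
            })
    return findings

# Constructed sample: one ordinary link, one over-long link using a listed
# function, one over-long percent-encoded link using an unlisted name.
SAMPLE = (
    '<a href="ymsgr:sendim?alice">chat</a>\n'
    '<a href="ymsgr:addfriend?' + "A" * 300 + '">add me</a>\n'
    '<iframe src="YMSGR:other?' + "%41" * 100 + '"></iframe>\n'
)

if __name__ == "__main__":
    for finding in find_suspicious_ymsgr(SAMPLE):
        print(finding)
```

Findings with `listed` set to false are still reported, since the unchecked buffer sits behind the 'ymsgr:' handler as a whole according to the article.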