In association with heise online

13 May 2008, 11:30

Yahoo! Assistant ActiveX code execution exploit

Shanghai-based security researcher Sowhat (Feng Xue) reports on his Secway.org web site a vulnerability in the Yahoo! Assistant ActiveX control, which is primarily used in China. The hole can be exploited to execute arbitrary code via a malicious web page.

Memory corruption occurs when the ActiveX control is instantiated. As a result, a virtual function call points to invalid data. This bug can be exploited by heap spraying. A detailed breakdown and proof of concept are provided in the advisory. Sowhat recommends setting the kill bit for the control, although a patch was apparently made available on 23 March.
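
The kill-bit mitigation recommended above, sketched in PowerShell as an added example (it is not taken from the advisory or from this article). The CLSID is a placeholder, because the article does not give the control's CLSID, and the function name is hypothetical.

```powershell
# Added example: set the Internet Explorer "kill bit" for one ActiveX control.
# Run from an elevated prompt. The CLSID is a PLACEHOLDER, not the real
# Yahoo! Assistant CLSID; take the actual value from the vendor advisory.
$PlaceholderClsid = '{00000000-0000-0000-0000-000000000000}'
$KillBit = 0x00000400   # bit in "Compatibility Flags" that stops IE loading the control

# Native view plus the 32-bit view used by 32-bit IE on 64-bit Windows.
$Roots = @(
    'HKLM:\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility',
    'HKLM:\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\ActiveX Compatibility'
)

function Set-ActiveXKillBit {   # hypothetical helper name
    param([Parameter(Mandatory)][string]$Clsid)

    # Refuse anything that is not a CLSID in registry format.
    if ($Clsid -notmatch '^\{[0-9A-Fa-f]{8}(-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}$') {
        throw "Not a CLSID in registry format: $Clsid"
    }

    foreach ($root in $Roots) {
        # The Wow6432Node branch exists only on 64-bit Windows.
        if (-not (Test-Path -LiteralPath $root)) { continue }

        $key = Join-Path $root $Clsid
        if (-not (Test-Path -LiteralPath $key)) {
            New-Item -Path $key -Force | Out-Null
        }

        # Keep any flags already present and OR the kill bit in.
        $current = (Get-ItemProperty -LiteralPath $key -Name 'Compatibility Flags' `
                    -ErrorAction SilentlyContinue).'Compatibility Flags'
        if ($null -eq $current) { $current = 0 }
        $new = $current -bor $KillBit
        Set-ItemProperty -LiteralPath $key -Name 'Compatibility Flags' -Value $new -Type DWord

        # Read the value back and report whether the bit is now set.
        $check = (Get-ItemProperty -LiteralPath $key).'Compatibility Flags'
        [pscustomobject]@{
            Key     = $key
            Flags   = '0x{0:X8}' -f $check
            Blocked = (($check -band $KillBit) -ne 0)
        }
    }
}

Set-ActiveXKillBit -Clsid $PlaceholderClsid
```

The kill bit only stops Internet Explorer from instantiating the control; the vulnerable binary stays on disk, so the vendor patch is still needed.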

(mba)

Permalink: http://h-online.com/-735171