In association with heise online

13 May 2008, 11:30

Yahoo! Assistant ActiveX code execution exploit

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Shanghai-based security researcher Sowhat (Feng Xue) reports on his web site of a vulnerability in the Yahoo! Assistant ActiveX control, primarily used in China. The hole can be exploited to execute arbitrary code via a malicious web page.

Memory corruption occurs when the ActiveX control is instantiated. As a result a virtual function call points to invalid data. This bug can be exploited by heap spraying. A detailed breakdown and proof of concept are provided in the advisory. Sowhat recommends setting the kill bit for the control, although a patch was apparently made available on 23 March.

See also


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit