CVE-2012-0268

Integer overflow in the CYImage::LoadJPG method in YImage.dll in Yahoo! Messenger before 11.5.0.155, when photo sharing is enabled, might allow remote attackers to execute arbitrary code via a crafted JPG image that triggers a heap-based buffer overflow.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5.1 UNKNOWN
NETWORK
HIGH
AV:N/AC:H/Au:N/C:P/I:P/A:P
flexeraCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 80%
VendorProductVersion
yahoomessenger
𝑥
≤ 11.5.0.152
yahoomessenger
0.99.17-1
yahoomessenger
1.0
yahoomessenger
1.0.4
yahoomessenger
1.0.6
yahoomessenger
2.0.1.4
yahoomessenger
3.0
yahoomessenger
3.0.1
yahoomessenger
3.0.1:beta-35554
yahoomessenger
3.5
yahoomessenger
4.0
yahoomessenger
4.1
yahoomessenger
5.0
yahoomessenger
5.0.1046
yahoomessenger
5.0.1065
yahoomessenger
5.0.1232
yahoomessenger
5.5
yahoomessenger
5.5.1249
yahoomessenger
5.6
yahoomessenger
5.6.0.1347
yahoomessenger
5.6.0.1351
yahoomessenger
5.6.0.1355
yahoomessenger
5.6.0.1356
yahoomessenger
5.6.0.1358
yahoomessenger
6.0
yahoomessenger
6.0.0.1643
yahoomessenger
6.0.0.1750
yahoomessenger
6.0.0.1921
yahoomessenger
6.1
yahoomessenger
7.0
yahoomessenger
7.0.0.426
yahoomessenger
7.0.0.437
yahoomessenger
7.0.438
yahoomessenger
7.5
yahoomessenger
7.5.0.814
yahoomessenger
8.0
yahoomessenger
8.0.0.505
yahoomessenger
8.0.0.508
yahoomessenger
8.0.0.701
yahoomessenger
8.0.0.716
yahoomessenger
8.0.0.863
yahoomessenger
8.0.1
yahoomessenger
8.0_2005.1.1.4:_2005.1
yahoomessenger
8.1
yahoomessenger
8.1.0.195
yahoomessenger
8.1.0.209
yahoomessenger
8.1.0.239
yahoomessenger
8.1.0.244
yahoomessenger
8.1.0.249
yahoomessenger
8.1.0.401
yahoomessenger
8.1.0.402
yahoomessenger
8.1.0.413
yahoomessenger
8.1.0.416
yahoomessenger
8.1.0.419
yahoomessenger
8.1.0.421
yahoomessenger
9.0.0.797:beta
yahoomessenger
9.0.0.907:beta
yahoomessenger
9.0.0.922:beta
yahoomessenger
9.0.0.1389:beta
yahoomessenger
9.0.0.1912
yahoomessenger
9.0.0.2018
yahoomessenger
9.0.0.2034
yahoomessenger
9.0.0.2112
yahoomessenger
9.0.0.2123
yahoomessenger
9.0.0.2128
yahoomessenger
9.0.0.2133
yahoomessenger
9.0.0.2136
yahoomessenger
9.0.0.2152
yahoomessenger
9.0.0.2160
yahoomessenger
9.0.0.2161
yahoomessenger
9.0.0.2162
yahoomessenger
10.0.0.331:pre-alpha
yahoomessenger
10.0.0.525:beta
yahoomessenger
10.0.0.542:beta
yahoomessenger
10.0.0.1102
yahoomessenger
10.0.0.1241
yahoomessenger
10.0.0.1258
yahoomessenger
10.0.0.1264
yahoomessenger
10.0.0.1267
yahoomessenger
10.0.0.1270
yahoomessenger
11.0.0.1751
yahoomessenger
11.0.0.2009
yahoomessenger
11.0.0.2014
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://secunia.com/advisories/47041
http://secunia.com/advisories/47041