CVE-2012-0268

Published Jan 19, 2012
Last updated 13 years ago
CVSS info 5.1
Overview

Description: Integer overflow in the CYImage::LoadJPG method in YImage.dll in Yahoo! Messenger before 11.5.0.155, when photo sharing is enabled, might allow remote attackers to execute arbitrary code via a crafted JPG image that triggers a heap-based buffer overflow.
Source: PSIRT-CNA@flexerasoftware.com
NVD status: Analyzed
Risk scores

CVSS 2.0

Type: Primary
Base score: 5.1
Impact score: 6.4
Exploitability score: 4.9
Vector string: AV:N/AC:H/Au:N/C:P/I:P/A:P
Weaknesses

nvd@nist.gov: CWE-189
Hype score: Not currently trending
Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:yahoo:messenger:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0D598BB4-F9F9-4013-9D02-7A88430D7E12",
            "versionEndIncluding": "11.5.0.152"
          },
          {
            "criteria": "cpe:2.3:a:yahoo:messenger:0.99.17-1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E88F5CC4-EB8B-438E-9ADC-93231BFF5526"
          },
          {
            "criteria": "cpe:2.3:a:yahoo:messenger:1.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0CD6E7BF-1CBD-4CED-B5C4-8390FA9DEECE"
          },
          {
            "criteria": "cpe:2.3:a:yahoo:messenger:1.0.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9E46751B-048A-43C9-933F-4C0E7F59F6B2"
          },
          {
            "criteria": "cpe:2.3:a:yahoo:messenger:1.0.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3D8167DD-2B40-44AB-9775-4D6390606A29"
          },
          {
            "criteria": "cpe:2.3:a:yahoo:messenger:2.0.1.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6944C050-C328-45DB-B2C3-0CA43C0D790C"
          },
          {
            "criteria": "cpe:2.3:a:yahoo:messenger:3.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "61D8486D-5156-4A8D-92D3-CE9CF171326B"
          },
          {
            "criteria": "cpe:2.3:a:yahoo:messenger:3.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B694F873-BB64-4937-8142-83DB26425991"
          },
          {
            "criteria": "cpe:2.3:a:yahoo:messenger:3.0.1:beta-35554:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5CFBD546-F938-4DF2-9CB3-852D83AEC7DA"
          },
          {
            "criteria": "cpe:2.3:a:yahoo:messenger:3.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "847E1B09-EC05-4594-A2C9-77D8C978A77B"
          },
          {
            "criteria": "cpe:2.3:a:yahoo:messenger:4.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4A5FAAEB-793F-405B-A8D9-872FCEEBFB55"
          },
          {
            "criteria": "cpe:2.3:a:yahoo:messenger:4.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6F7B2C0B-CC2C-4C90-8566-F449F593A3A1"
          },
          {
            "criteria": "cpe:2.3:a:yahoo:messenger:5.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D6BF80C1-8F4D-40AF-88FD-D1AFDC03EC6C"
          },
          {
            "criteria": "cpe:2.3:a:yahoo:messenger:5.0.1046:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E28F9A8C-206B-49D3-9F25-D25F4CD74DF9"
          },
          {
            "criteria": "cpe:2.3:a:yahoo:messenger:5.0.1065:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "077D9394-E0DB-4BE1-9666-ED98A459D57C"
          },
          {
            "criteria": "cpe:2.3:a:yahoo:messenger:5.0.1232:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DB29459E-C84F-46BC-9679-A55D285287E1"
          },
          {
            "criteria": "cpe:2.3:a:yahoo:messenger:5.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "349A209F-6609-4809-B228-E84623FA268D"
          },
          {
            "criteria": "cpe:2.3:a:yahoo:messenger:5.5.1249:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3EC324E2-C08F-4090-82CD-5A64165986F9"
          },
          {
            "criteria": "cpe:2.3:a:yahoo:messenger:5.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "92465439-530F-435E-976F-491AD3C56944"
          },
          {
            "criteria": "cpe:2.3:a:yahoo:messenger:5.6.0.1347:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CEAC4C7A-4A77-41ED-BC6D-6F962283107E"
          },
          {
            "criteria": "cpe:2.3:a:yahoo:messenger:5.6.0.1351:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "38232D5E-568C-4CFA-BA01-C35939D68AB2"
          },
          {
            "criteria": "cpe:2.3:a:yahoo:messenger:5.6.0.1355:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E025BBCF-8E26-4E83-BA49-9A10E3011428"
          },
          {
            "criteria": "cpe:2.3:a:yahoo:messenger:5.6.0.1356:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AC0DD432-79BA-4750-B53C-A5149DACBE08"
          },
          {
            "criteria": "cpe:2.3:a:yahoo:messenger:5.6.0.1358:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "47ABA651-3F7A-4647-AA21-14B552694A00"
          },
          {
            "criteria": "cpe:2.3:a:yahoo:messenger:6.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F8EE7278-FFAD-489B-BDCC-BF6BA8D5DF0C"
          },
          {
            "criteria": "cpe:2.3:a:yahoo:messenger:6.0.0.1643:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E9479AAB-AFFD-4976-96AC-B97DE517BFC9"
          },
          {
            "criteria": "cpe:2.3:a:yahoo:messenger:6.0.0.1750:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0595ECE8-C876-441F-B90A-FC8D80BA1034"
          },
          {
            "criteria": "cpe:2.3:a:yahoo:messenger:6.0.0.1921:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F3FFB3BF-1092-46E4-9C0D-FF91E0FB1371"
          },
          {
            "criteria": "cpe:2.3:a:yahoo:messenger:6.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C9E358E1-680D-4B98-9E61-F0B31773373F"
          },
          {
            "criteria": "cpe:2.3:a:yahoo:messenger:7.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1C35A346-6510-44D2-A36E-E6661B6586F3"
          },
          {
            "criteria": "cpe:2.3:a:yahoo:messenger:7.0.0.426:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "88A599C5-C8E8-41F9-887C-DACDF809FBE7"
          },
          {
            "criteria": "cpe:2.3:a:yahoo:messenger:7.0.0.437:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "54DBBFA3-CB37-41B3-85DA-C8AF20A8BA7E"
          },
          {
            "criteria": "cpe:2.3:a:yahoo:messenger:7.0.438:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "451603CE-2DAF-47AF-A1E6-F79A514E1E51"
          },
          {
            "criteria": "cpe:2.3:a:yahoo:messenger:7.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "ADE2C978-8812-489D-94F9-186B5519545B"
          },
          {
            "criteria": "cpe:2.3:a:yahoo:messenger:7.5.0.814:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "45452EA7-2FE3-496C-A523-6B5CDDB0C540"
          },
          {
            "criteria": "cpe:2.3:a:yahoo:messenger:8.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B7178A56-42F9-44BC-8742-402480F761FA"
          },
          {
            "criteria": "cpe:2.3:a:yahoo:messenger:8.0.0.505:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2F111CCF-7D39-4113-9138-5EAEE7BEFCBE"
          },
          {
            "criteria": "cpe:2.3:a:yahoo:messenger:8.0.0.508:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A3C87FBF-A993-461B-A912-29BF7999D5A9"
          },
          {
            "criteria": "cpe:2.3:a:yahoo:messenger:8.0.0.701:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D7B30F7E-536C-4547-8123-7A3E27701582"
          },
          {
            "criteria": "cpe:2.3:a:yahoo:messenger:8.0.0.716:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2216FE62-D0A2-4BBB-973D-B839A1DDF915"
          },
          {
            "criteria": "cpe:2.3:a:yahoo:messenger:8.0.0.863:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5D369102-AC28-45D1-A9E7-B6C4F34529C1"
          },
          {
            "criteria": "cpe:2.3:a:yahoo:messenger:8.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "012BF14B-1009-4BDE-A699-C5989F576199"
          },
          {
            "criteria": "cpe:2.3:a:yahoo:messenger:8.0_2005.1.1.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7B4212E3-8338-430F-A9BC-A28D502B8B81"
          },
          {
            "criteria": "cpe:2.3:a:yahoo:messenger:8.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "21EC84BF-CDEB-4046-8736-C77C007D368B"
          },
          {
            "criteria": "cpe:2.3:a:yahoo:messenger:8.1.0.195:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "544F71AF-1E2B-4F87-839C-EC981EC5D69D"
          },
          {
            "criteria": "cpe:2.3:a:yahoo:messenger:8.1.0.209:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7A9243F4-ADE8-4B7A-A195-EEAD41FF14EA"
          },
          {
            "criteria": "cpe:2.3:a:yahoo:messenger:8.1.0.239:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3CAF169E-8466-43EF-A03D-D49256EB2C18"
          },
          {
            "criteria": "cpe:2.3:a:yahoo:messenger:8.1.0.244:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "09125309-423D-4A4E-B7FB-37E4F531159B"
          },
          {
            "criteria": "cpe:2.3:a:yahoo:messenger:8.1.0.249:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "15660D84-B392-457E-B433-9B9180A49B3E"
          },
          {
            "criteria": "cpe:2.3:a:yahoo:messenger:8.1.0.401:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "67DE14CA-5781-4F78-8562-DDD53C7CB7E3"
          },
          {
            "criteria": "cpe:2.3:a:yahoo:messenger:8.1.0.402:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A6CB6D1A-E1A2-4E1C-9E02-24A192D72750"
          },
          {
            "criteria": "cpe:2.3:a:yahoo:messenger:8.1.0.413:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "40D0435F-F38D-42E2-AA34-F256B9D2B2C0"
          },
          {
            "criteria": "cpe:2.3:a:yahoo:messenger:8.1.0.416:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "25099018-E7E2-47A3-A57C-E2B106E75987"
          },
          {
            "criteria": "cpe:2.3:a:yahoo:messenger:8.1.0.419:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2AF049DF-9D3E-471A-958D-C760E8A894EB"
          },
          {
            "criteria": "cpe:2.3:a:yahoo:messenger:8.1.0.421:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "661E07A2-FB77-4411-95B3-BD0ED72DC6B3"
          },
          {
            "criteria": "cpe:2.3:a:yahoo:messenger:9.0.0.797:beta:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0159CADA-CF93-4F4A-AC9D-D76D91B76AAF"
          },
          {
            "criteria": "cpe:2.3:a:yahoo:messenger:9.0.0.907:beta:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "982ECC94-686C-4965-8FBA-9D1F6F70213C"
          },
          {
            "criteria": "cpe:2.3:a:yahoo:messenger:9.0.0.922:beta:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CBD43C5B-040D-4704-B049-3AC3DCE9C9CA"
          },
          {
            "criteria": "cpe:2.3:a:yahoo:messenger:9.0.0.1389:beta:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6A0285E3-0D62-4870-96B8-20C7F3C00D90"
          },
          {
            "criteria": "cpe:2.3:a:yahoo:messenger:9.0.0.1912:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "664D05A8-0EB0-48AE-9208-E66EA03B084E"
          },
          {
            "criteria": "cpe:2.3:a:yahoo:messenger:9.0.0.2018:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A0F1C4DB-6A5F-4D35-AC17-218074419BDF"
          },
          {
            "criteria": "cpe:2.3:a:yahoo:messenger:9.0.0.2034:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5A6ABACF-86B7-42B7-A15D-57EE6A765238"
          },
          {
            "criteria": "cpe:2.3:a:yahoo:messenger:9.0.0.2112:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AE1C8908-D4C7-406D-AF03-E7406C480B34"
          },
          {
            "criteria": "cpe:2.3:a:yahoo:messenger:9.0.0.2123:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "24C8559C-9D77-4BB3-981C-D151CB014DB1"
          },
          {
            "criteria": "cpe:2.3:a:yahoo:messenger:9.0.0.2128:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7ABCAA3D-F88B-4081-A843-0BD6D78941C8"
          },
          {
            "criteria": "cpe:2.3:a:yahoo:messenger:9.0.0.2133:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6CE5D420-216B-41C0-9E56-798F992D0A7A"
          },
          {
            "criteria": "cpe:2.3:a:yahoo:messenger:9.0.0.2136:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A30A5955-F276-4C86-8286-02AD0BC3DF7E"
          },
          {
            "criteria": "cpe:2.3:a:yahoo:messenger:9.0.0.2152:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F7B990ED-2BAC-4093-A6CD-34F04C95E64F"
          },
          {
            "criteria": "cpe:2.3:a:yahoo:messenger:9.0.0.2160:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C60DAAA0-032B-4D9C-83FF-26FFC278F270"
          },
          {
            "criteria": "cpe:2.3:a:yahoo:messenger:9.0.0.2161:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BF1DBCAF-12A7-490C-BADF-8534B78E06CC"
          },
          {
            "criteria": "cpe:2.3:a:yahoo:messenger:9.0.0.2162:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6A1FEC40-A9EA-44AF-9DF3-1F85E1DDE4FF"
          },
          {
            "criteria": "cpe:2.3:a:yahoo:messenger:10.0.0.331:pre-alpha:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5E582D93-A84A-4C12-AE2B-4B2B71681BD8"
          },
          {
            "criteria": "cpe:2.3:a:yahoo:messenger:10.0.0.525:beta:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FE43B4C9-8C06-4CCF-8BC4-75C75EEAD425"
          },
          {
            "criteria": "cpe:2.3:a:yahoo:messenger:10.0.0.542:beta:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "41680B8B-2D8A-4583-9629-55833461AEAB"
          },
          {
            "criteria": "cpe:2.3:a:yahoo:messenger:10.0.0.1102:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4E921962-F4C1-4785-8E63-657F7C39E16F"
          },
          {
            "criteria": "cpe:2.3:a:yahoo:messenger:10.0.0.1241:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6CFF7B20-BB90-4A8A-8E6D-C91BF9238B31"
          },
          {
            "criteria": "cpe:2.3:a:yahoo:messenger:10.0.0.1258:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AA5BBB19-F1B8-4432-B48D-E9BC52D55729"
          },
          {
            "criteria": "cpe:2.3:a:yahoo:messenger:10.0.0.1264:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "93519572-6872-425A-81C3-52198B94CB88"
          },
          {
            "criteria": "cpe:2.3:a:yahoo:messenger:10.0.0.1267:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "179796DF-BEB9-4611-8703-D959F1218C31"
          },
          {
            "criteria": "cpe:2.3:a:yahoo:messenger:10.0.0.1270:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EEAE7084-6DC6-423B-AA69-9F8C65305D49"
          },
          {
            "criteria": "cpe:2.3:a:yahoo:messenger:11.0.0.1751:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "27221A33-B95F-4FBE-B049-04CBA88B8CC9"
          },
          {
            "criteria": "cpe:2.3:a:yahoo:messenger:11.0.0.2009:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CD59825D-5C68-4B5C-A46E-6DAB2F953502"
          },
          {
            "criteria": "cpe:2.3:a:yahoo:messenger:11.0.0.2014:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9B8234BC-4AC1-4A00-955B-D1F1467E11C0"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]
Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References
