NVD

Id
56516  
Name
CVE-2007-4391  
Description
Heap-based buffer overflow in Kakadu kdu_v32m.dll in Yahoo! Messenger 8.1.0.413 allows remote attackers to cause a denial of service (application crash) via a certain length field in JPEG2000 data, as demonstrated by sending an "invite to view my webcam" request, and then injecting a DLL into the attacker"s peer Yahoo! Messenger application when this request is accepted.  
Reject
 
CVSS Version
2  
CVSS Score
9.3  
Severity
High  
CVSS Base Score
9.3  
CVSS Impact Subscore
10  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:C/I:C/A:C)  
Pub Date
2017-01-07  
Published
2007-08-17  
Modified Date
2011-03-07  
Seq
2007-4391  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
287946 56516 CVE-2007-4391 http://www.avertlabs.com/research/blog/index.php/2007/08/15/more-on-the-yahoo-messenger-webcam-0day/  View
287947 56516 CVE-2007-4391 VU#515968  View
287948 56516 CVE-2007-4391 25330  View
287949 56516 CVE-2007-4391 1018586  View
287950 56516 CVE-2007-4391 http://www.team509.com/expyahoo.rar  View
287951 56516 CVE-2007-4391 ADV-2007-2917  View
287952 56516 CVE-2007-4391 yahoo-messenger-webcam-bo(36115)  View
287953 56516 CVE-2007-4391 https://www.xfocus.net/bbs/index.php?act=ST&f=2&t=64639&page=1#entry321749  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
51969 JVNDB-2007-000632 Yahoo! メッセンジャーの webcam stream の処理にヒープオーバーフローの脆弱性 Windows 版 Yahoo! メッセンジャー には、webcam stream を適切に処理できない問題が存在します。そのため、遠隔の第三者によって任意のコードを実行される可能性があります。 CVE-2007-4391 27746 CVE-2007-4391 56516 5 http://jvndb.jvn.jp/ja/contents/2007/JVNDB-2007-000632.html 2007-08-28 2007-08-31 View