Exploit Yahoo! Messenger 5.6 - File Transfer Buffer Overrun

Exploiter

Хакер
34,644
0
18 Дек 2022
EDB-ID
23293
Проверка EDB
  1. Пройдено
Автор
HAT-SQUAD SECURITY TEAM
Тип уязвимости
DOS
Платформа
WINDOWS
CVE
cve-2003-1135
Дата публикации
2003-10-27
Код:
source: Yahoo! Messenger File Transfer Buffer Overrun Vulnerability

Yahoo! Messenger is prone to a remotely exploitable buffer overrun vulnerability. An attacker may trigger this condition by initiating a malformed 'sendfile' request, which the victim user must then accept. This will reportedly result in an access violation error, which is likely due to memory corruption.

An attacker may theoretically exploit this condition to execute arbitrary code on a client system. This condition can be exploited via a malicious 'sendfile' link. 

YMSGR:sendfile?[victim_yahooID]+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%&c%c:\[somefile]
 
Источник
www.exploit-db.com

Похожие темы