Vulnerability Description
Buffer overflow in the Yahoo! Audio Conferencing (aka Voice Chat) ActiveX control before 1,0,0,45 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a URL with a long hostname to Yahoo! Messenger or Yahoo! Chat.
CVSS Score
LOW
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Yahoo | Audio Conferencing Activex Control | 1.0.0.43 |
References
- http://help.yahoo.com/help/us/mesg/use/use-45.html
- http://secunia.com/advisories/8924Patch
- http://www.kb.cert.org/vuls/id/272644Third Party AdvisoryUS Government Resource
- http://www.securityfocus.com/archive/1/323439Patch
- http://www.securityfocus.com/bid/7561
- https://exchange.xforce.ibmcloud.com/vulnerabilities/12130
- http://help.yahoo.com/help/us/mesg/use/use-45.html
- http://secunia.com/advisories/8924Patch
- http://www.kb.cert.org/vuls/id/272644Third Party AdvisoryUS Government Resource
- http://www.securityfocus.com/archive/1/323439Patch
- http://www.securityfocus.com/bid/7561
- https://exchange.xforce.ibmcloud.com/vulnerabilities/12130
FAQ
What is CVE-2003-1129?
CVE-2003-1129 is a vulnerability with a CVSS score of 2.6 (LOW). Buffer overflow in the Yahoo! Audio Conferencing (aka Voice Chat) ActiveX control before 1,0,0,45 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a URL wit...
How severe is CVE-2003-1129?
CVE-2003-1129 has been rated LOW with a CVSS base score of 2.6/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2003-1129?
Check the references section above for vendor advisories and patch information. Affected products include: Yahoo Audio Conferencing Activex Control.