Impact: Execution of arbitrary code via network, User access via network
Advisory: Sentry Union
Version(s): 5.6.0.1347 and prior versions
Description: Tri Huynh from SentryUnion reported a buffer overflow in Yahoo! Messenger in the 'YAUTO.DLL' ActiveX component. A remote user can execute arbitrary code on the target system.
It is reported that a remote user can create HTML that, when loaded by the target user, will cause an arbitrary executable to be downloaded to the target user's computer and silently executed.
The report indicates that YAUTO.DLL is registered under a ProgID called "YAuto.NSAuto.1" and contains a buffer overflow in the Open() function. A remote user can pass a specially crafted URL to trigger the overflow and execute arbitrary code.
Impact: A remote user can execute arbitrary code on the target system with the privileges of the target user.
Solution: No solution was available at the time of this entry.
The author of the report indicates that, as a workaround, you can delete the YAUTO.DLL file in your Yahoo! Messenger directory.
Vendor URL: messenger.yahoo.com/ (Links to External Site)
Cause: Boundary error
Underlying OS: Windows (Any)
Reported By: Tri Huynh
http://www.securitytracker.com/alerts/2003/Dec/1008362.html

Chowhound
Comic Vine
GameFAQs
GameSpot
Giant Bomb
TechRepublic