Did Yahoo put out a security notification yet? I don't see any mention
of a bug fix on the yahoo messenger page. And when I turn on my yahoo
messenger (ver 8.0.0.701), shouldn't I be alerted to receive an update?
- Siddhartha
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL
Hi,
Does anyone have more information on this issue?
snip
http://www.securityfocus.com/bid/20625/discuss
Yahoo! Messenger is prone to a remote buffer-overflow vulnerability
because it fails to properly bounds-check user-supplied data before
copying it to an insufficiently sized memory
,
- Siddhartha
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Nick
FitzGerald
Sent: Monday, August 14, 2006 6:01 PM
To: full-disclosure@lists.grok.org.uk
Subject: Re: [Full-disclosure] Yahoo/Geocities possible
exploit/vulnerability
Jain, Siddhartha wrote:
I