PT-2007-7367 · Yahoo · Yahoo! Toolbar

Published

2007-12-27

Updated

2017-08-08

CVE-2007-6535

CVSS v2.0

6.8

Medium

Vector

AV:N/AC:M/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Yahoo! Toolbar version 2006.8.15.1

Description A buffer overflow issue exists in the YShortcut ActiveX control, potentially allowing attackers to execute arbitrary code by providing a long string to the IsTaggedBM method.

Recommendations For Yahoo! Toolbar version 2006.8.15.1, consider disabling the YShortcut ActiveX control until a patch is available. Restrict access to the IsTaggedBM method to minimize the risk of exploitation.

Fix

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-119

Related Identifiers

CVE-2007-6535

Affected Products

Yahoo! Toolbar

PT-2007-7367 · Yahoo · Yahoo! Toolbar

CVE-2007-6535

Weakness Enumeration

Related Identifiers

Affected Products

References · 4