CVE: CVE-2003-1129 - CVE-Search

CVE Details for CVE: CVE-2003-1129

Summary

Buffer overflow in the Yahoo! Audio Conferencing (aka Voice Chat) ActiveX control before 1,0,0,45 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a URL with a long hostname to Yahoo! Messenger or Yahoo! Chat.

Timestamps
Last major update	11-07-2017 - 01:29
Published	31-12-2003 - 05:00
Last modified	11-07-2017 - 01:29

References

Vulnerable Configurations

cpe:2.3:a:yahoo:audio_conferencing_activex_control:1.0.0.43:*:*:*:*:*:*:*
cpe:2.3:a:yahoo:audio_conferencing_activex_control:1.0.0.43:*:*:*:*:*:*:*

CAPEC

Click the CAPEC title to display a description

CWE

NVD-CWE-Other

CVSS

Base

2.6

Impact

2.9

Exploitability

4.9

Access

Vector	Complexity	Authentication
NETWORK	HIGH	NONE

Impact

Confidentiality	Integrity	Availability
NONE	NONE	PARTIAL

CVSS3

None

VIA4 references

cvss-vector via4

AV:N/AC:H/Au:N/C:N/I:N/A:P

refmap via4

bid	7561
bugtraq	20030530 Yahoo! Security Advisory: Yahoo! Voice Chat
cert-vn	VU#272644
confirm	http://help.yahoo.com/help/us/mesg/use/use-45.html
secunia	8924
xf	yahoo-audio-bo(12130)