Gravité: : Medium
  Identifiant(s) CVE: : CVE-2008-0623,CVE-2008-0624,CVE-2008-0625
  Date du conseil: 21 juillet 2015

  Description

Multiple buffer overflow vulnerabilities exist in Yahoo! Music Jukebox. These vulnerabilities are caused due to boundary errors within the Yahoo! Music Jukebox ActiveX Control. A remote attack can exploit these vulnerabilities by enticing the target user to open a crafted webpage, potentially causing arbitrary code to be injected and executed in the security context of the current user.

  Information Exposure Rating:

Apply associated Trend Micro DPI Rules.

  Solutions

  Trend Micro Deep Security DPI Rule Number: 1001424
  Trend Micro Deep Security DPI Rule Name: 1001424 - Microsoft Internet Explorer Yahoo! Music Jukebox AddBitmap & AddButton ActiveX Remote Buffer Overflow

  Affected software and version:

  • Microsoft Internet Explorer