Severity: : Medium
  CVE Kennungen: : CVE-2008-0623,CVE-2008-0624,CVE-2008-0625
  Advisory Date: 21 de июля de 2015

  DESCRIPTION

Multiple buffer overflow vulnerabilities exist in Yahoo! Music Jukebox. These vulnerabilities are caused due to boundary errors within the Yahoo! Music Jukebox ActiveX Control. A remote attack can exploit these vulnerabilities by enticing the target user to open a crafted webpage, potentially causing arbitrary code to be injected and executed in the security context of the current user.

  INFORMATION EXPOSURE

Apply associated Trend Micro DPI Rules.

  SOLUTION

  Trend Micro Deep Security DPI Rule Number: 1001424
  Trend Micro Deep Security DPI Rule Name: 1001424 - Microsoft Internet Explorer Yahoo! Music Jukebox AddBitmap & AddButton ActiveX Remote Buffer Overflow

  AFFECTED SOFTWARE AND VERSION:

  • Microsoft Internet Explorer