Vulnerabilities > CVE-2008-2111 - Resource Management Errors vulnerability in Yahoo Assistant

CVSS 9.3 - CRITICAL

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

network

yahoo

CWE-399

critical

exploit available

NVD

Published: 2008-05-07

Updated: 2017-08-08

Summary

The ActiveX Control (yNotifier.dll) in Yahoo! Assistant 3.6 and earlier allows remote attackers to execute arbitrary code via unspecified vectors in the Ynoifier COM object that trigger memory corruption.

Vulnerable Configurations

Part	Description	Count
Application	Yahoo Yahoo Yahoo Assistant *	1

Common Weakness Enumeration (CWE)

CWE-399 - Resource Management Errors

Exploit-Db

description	Yahoo! Assistant 3.6 'yNotifier.dll' ActiveX Control Memory Corruption Vulnerability. CVE-2008-2111. Dos exploit for windows platform
id	EDB-ID:31748
last seen	2016-02-03
modified	2008-05-06
published	2008-05-06
reporter	Sowhat
source	https://www.exploit-db.com/download/31748/
title	Yahoo! Assistant 3.6 - 'yNotifier.dll' ActiveX Control Memory Corruption Vulnerability

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

Exploit-Db

References