cbcvebase.
CVE-2012-0268
published 2012-01-19

CVE-2012-0268: Integer overflow in the CYImage::LoadJPG method in YImage.dll in Yahoo! Messenger before 11.5.0.155, when photo sharing is enabled, might allow remote…

PriorityP427medium5.1CVSS 2.0
AVNACHAuNCPIPAP
EPSS
1.73%
74.8th percentile
Integer overflow in the CYImage::LoadJPG method in YImage.dll in Yahoo! Messenger before 11.5.0.155, when photo sharing is enabled, might allow remote attackers to execute arbitrary code via a crafted JPG image that triggers a heap-based buffer overflow.

Affected

82 ranges· showing 25
VendorProductVersion rangeFixed in
yahoomessenger<= 11.5.0.152
yahoomessenger
yahoomessenger
yahoomessenger
yahoomessenger
yahoomessenger
yahoomessenger
yahoomessenger
yahoomessenger
yahoomessenger
yahoomessenger
yahoomessenger
yahoomessenger
yahoomessenger
yahoomessenger
yahoomessenger
yahoomessenger
yahoomessenger
yahoomessenger
yahoomessenger
yahoomessenger
yahoomessenger
yahoomessenger
yahoomessenger
yahoomessenger
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.