Hillstone Networks

RULE（RULE ID：311326）

Rule General Information


Release Date:		2015-09-01

Rule Name:		Yahoo! Music Jukebox Activex Control Buffer Overflow Vulnerability (CVE-2008-0625)

Severity:

CVE ID:

Rule Protection Details


Description:		Buffer overflow in the MediaGrid ActiveX control (mediagrid.dll) in Yahoo! Music Jukebox 2.2.2.56 allows remote attackers to execute arbitrary code via a long argument to the AddBitmap method.

Impact:		A buffer overflow vulnerability can be triggered by an attacker in the context of the vulnerable product. Further attacks include arbitrary code execution and denial of service.

Affected OS:		Windows

Reference:		SecurityFocusBID:27578 ExploitDB:5052 http://www.kb.cert.org/vuls/id/340860 SecurityTrackerID:1019298

Solutions

No information about possible solutions is published. Please use an alternative product to substitude the affected software.