New security flaw found in Yahoo! Messenger
By John Pospisil
Accepting webcam invites from unknown users on Yahoo! Messenger Webcam could allow hackers to gain remote access to your computer, courtesy of a security flaw that was posted on Chinese security forums.
The new zero-day exploit has now been confirmed by researchers at McAfee Avert Labs. It’s the third Yahoo! Messenger security flaw to be identified since June.
“We got a chance to dig a bit deeper into this and were able to reproduce the vulnerability on Yahoo! Messenger version 8.1.0.413 based on the information provided in the forum,” wrote Wei Wang on the McAfee Avert Labs blog.
“It seems like a classic heap overflow which can be triggered when the victim accepts a webcam invite.”
Avert Labs also found that this flaw may allow hackers to launch user-assisted remote-code execution attacks.
This new vulnerability is different to the one in June, which exploited Yahoo! Webcam ActiveX controls. And just last month, security researcher Rajesh Sethumadhavan identified a buffer (heap) overflow flaw in Yahoo! Messenger that can be triggered by specially written address book entries.
While no code exploiting this new flaw has been published yet, Avert Labs advises Yahoo! Messenger Webcam users not to accept webcam invites from unknown sources until a patch for this problem is released. It also advises that users block outgoing traffic on TCP port 5100.
January 6th, 2009