Integer overflow in the CYImage::LoadJPG method in YImage.dll in Yahoo! Messenger before 11.5.0.155, when photo sharing is enabled, might allow remote attackers to execute arbitrary code via a crafted JPG image that triggers a heap-based buffer overflow.
Max CVSS
5.1
EPSS Score
0.28%
Published
2012-01-19
Updated
2012-01-23
1 vulnerabilities found