Search criteria
3 vulnerabilities found for yahoo_assistant by yahoo
FKIE_CVE-2008-2111
Vulnerability from fkie_nvd - Published: 2008-05-07 23:20 - Updated: 2025-04-09 00:30
Severity ?
Summary
The ActiveX Control (yNotifier.dll) in Yahoo! Assistant 3.6 and earlier allows remote attackers to execute arbitrary code via unspecified vectors in the Ynoifier COM object that trigger memory corruption.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| yahoo | yahoo_assistant | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:yahoo:yahoo_assistant:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D9FF9C09-6914-4C03-A9A3-59DCB58F3347",
"versionEndIncluding": "3.6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The ActiveX Control (yNotifier.dll) in Yahoo! Assistant 3.6 and earlier allows remote attackers to execute arbitrary code via unspecified vectors in the Ynoifier COM object that trigger memory corruption."
},
{
"lang": "es",
"value": "El control ActiveX (yNotifier.dll) de Yahoo! Assistant versi\u00f3n 3.6 y anteriores, permite a atacantes remotos ejecutar c\u00f3digo arbitrariamente a trav\u00e9s de vectores no especificados en el objeto Ynoifier COM que provoca una corrupci\u00f3n de memoria."
}
],
"id": "CVE-2008-2111",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2008-05-07T23:20:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/30115"
},
{
"source": "cve@mitre.org",
"url": "http://secway.org/advisory/AD20080506EN.txt"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/29065"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1020004"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/1471/references"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42233"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/30115"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secway.org/advisory/AD20080506EN.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/29065"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1020004"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/1471/references"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42233"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2008-2111 (GCVE-0-2008-2111)
Vulnerability from cvelistv5 – Published: 2008-05-07 23:00 – Updated: 2024-08-07 08:49
VLAI?
Summary
The ActiveX Control (yNotifier.dll) in Yahoo! Assistant 3.6 and earlier allows remote attackers to execute arbitrary code via unspecified vectors in the Ynoifier COM object that trigger memory corruption.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:49:57.653Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "30115",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30115"
},
{
"name": "ADV-2008-1471",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1471/references"
},
{
"name": "yahoo-assistant-ynotifier-code-execution(42233)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42233"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://secway.org/advisory/AD20080506EN.txt"
},
{
"name": "1020004",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1020004"
},
{
"name": "29065",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/29065"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-05-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The ActiveX Control (yNotifier.dll) in Yahoo! Assistant 3.6 and earlier allows remote attackers to execute arbitrary code via unspecified vectors in the Ynoifier COM object that trigger memory corruption."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "30115",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30115"
},
{
"name": "ADV-2008-1471",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1471/references"
},
{
"name": "yahoo-assistant-ynotifier-code-execution(42233)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42233"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://secway.org/advisory/AD20080506EN.txt"
},
{
"name": "1020004",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1020004"
},
{
"name": "29065",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/29065"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-2111",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The ActiveX Control (yNotifier.dll) in Yahoo! Assistant 3.6 and earlier allows remote attackers to execute arbitrary code via unspecified vectors in the Ynoifier COM object that trigger memory corruption."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "30115",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30115"
},
{
"name": "ADV-2008-1471",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1471/references"
},
{
"name": "yahoo-assistant-ynotifier-code-execution(42233)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42233"
},
{
"name": "http://secway.org/advisory/AD20080506EN.txt",
"refsource": "MISC",
"url": "http://secway.org/advisory/AD20080506EN.txt"
},
{
"name": "1020004",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1020004"
},
{
"name": "29065",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/29065"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-2111",
"datePublished": "2008-05-07T23:00:00",
"dateReserved": "2008-05-07T00:00:00",
"dateUpdated": "2024-08-07T08:49:57.653Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-2111 (GCVE-0-2008-2111)
Vulnerability from nvd – Published: 2008-05-07 23:00 – Updated: 2024-08-07 08:49
VLAI?
Summary
The ActiveX Control (yNotifier.dll) in Yahoo! Assistant 3.6 and earlier allows remote attackers to execute arbitrary code via unspecified vectors in the Ynoifier COM object that trigger memory corruption.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:49:57.653Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "30115",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30115"
},
{
"name": "ADV-2008-1471",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1471/references"
},
{
"name": "yahoo-assistant-ynotifier-code-execution(42233)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42233"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://secway.org/advisory/AD20080506EN.txt"
},
{
"name": "1020004",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1020004"
},
{
"name": "29065",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/29065"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-05-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The ActiveX Control (yNotifier.dll) in Yahoo! Assistant 3.6 and earlier allows remote attackers to execute arbitrary code via unspecified vectors in the Ynoifier COM object that trigger memory corruption."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "30115",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30115"
},
{
"name": "ADV-2008-1471",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1471/references"
},
{
"name": "yahoo-assistant-ynotifier-code-execution(42233)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42233"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://secway.org/advisory/AD20080506EN.txt"
},
{
"name": "1020004",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1020004"
},
{
"name": "29065",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/29065"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-2111",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The ActiveX Control (yNotifier.dll) in Yahoo! Assistant 3.6 and earlier allows remote attackers to execute arbitrary code via unspecified vectors in the Ynoifier COM object that trigger memory corruption."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "30115",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30115"
},
{
"name": "ADV-2008-1471",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1471/references"
},
{
"name": "yahoo-assistant-ynotifier-code-execution(42233)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42233"
},
{
"name": "http://secway.org/advisory/AD20080506EN.txt",
"refsource": "MISC",
"url": "http://secway.org/advisory/AD20080506EN.txt"
},
{
"name": "1020004",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1020004"
},
{
"name": "29065",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/29065"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-2111",
"datePublished": "2008-05-07T23:00:00",
"dateReserved": "2008-05-07T00:00:00",
"dateUpdated": "2024-08-07T08:49:57.653Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}