Vulnerability discovered in YIM webcam sessions

By Justin Mann on August 15, 2007, 3:03 PM
McAfee apparently has discovered a severe flaw in Yahoo Messenger, one that could ultimately lead to system compromise. Not particularly surprising, the flaw lies within the webcam functionality of the IM client, in which accepting a cam invite could result in code execution, assuming the person offering was intending to do such.

They state that there aren't any known instances of this being exploited nor have they seen any code that could exploit, merely that it is a possibility. This flaw is separate from what was found and patched a few months ago. It can only be exploited from accepting a cam invite, and unless you have a habit of accepting those from strangers it's nothing to worry about.

This is yet another flaw, however, in the version 8 series of the client. You can read more about discovery of the flaw at the McAfee security blog.

Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.