virus logo Intrusion Prevention

Yahoo!.Messenger.CYFT.Object.Arbitrary.File.Download

description-logoDescription

This indicates an attempt to exploit an arbitrary file download vulnerability in Yahoo! Messenger.
The vulnerability is caused by Yahoo! Messenger's failure to check the parameters passed to the "GetFile()" method within the FT60.DLL ActiveX control. It allows remote attackers to download arbitrary files via a crafted web page.

affected-products-logoAffected Products

Yahoo! Messenger 8.1.0.421

Impact logoImpact

System Compromise: Remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

Currently we are not aware of any official fix for this issue.

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2020-11-04 16.956 Name:Yahoo.
Messenger.
CYFT.
Object.
Arbitrary.
File.
Download:Yahoo!.
Messenger.
CYFT.
Object.
Arbitrary.
File.
Download
ID 14993
Created Sep 20, 2007
Updated Jan 13, 2022
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon
Default Action drop
Active
Affected OS Windows
Affected App IM