CVE-2008-2111

Published: May 7, 2008Modified: Apr 23, 2026

9.3

Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Exploitability: 8.6 / Impact: 10.0

Source: NVD

Description

The ActiveX Control (yNotifier.dll) in Yahoo! Assistant 3.6 and earlier allows remote attackers to execute arbitrary code via unspecified vectors in the Ynoifier COM object that trigger memory corruption.

Affected (1)

Products: Yahoo: Yahoo Assistant

Yahoo

1 product

Yahoo Assistant

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Yahoo Yahoo Assistant	Up to 3.6

Related CWEs

CWE-399

References (12)

http://secunia.com/advisories/30115

Source: cve@mitre.org

http://secway.org/advisory/AD20080506EN.txt

Source: cve@mitre.org

http://www.securityfocus.com/bid/29065

Source: cve@mitre.org

http://www.securitytracker.com/id?1020004

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2008/1471/references

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/42233

Source: cve@mitre.org

http://secunia.com/advisories/30115