Arbitrary Code Execution Vulnerability in Yahoo! Messenger Audio Setup Wizard

CVE-2005-0242 · MEDIUM Severity

AV:L/AC:L/AU:N/C:P/I:P/A:P

The Audio Setup Wizard (asw.dll) in Yahoo! Messenger 6.0.0.1750, and possibly other versions, allows attackers to arbitrary code by placing a malicious ping.exe program into the Messenger program directory, which is installed with weak default permissions.

Learn more about our Web Application Penetration Testing UK.