The Yahoo! Music Jukebox YMP Datagrid ActiveX control contains multiple stack buffer overflows, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system.
Yahoo! Music Jukebox is a music player for Microsoft Windows, which includes multiple ActiveX controls. The YMP Datagrid ActiveX control, which is provided by datagrid.dll, contains multiple stack buffer overflows. For example, the AddImage() and AddButton() methods are vulnerable.
By convincing a user to view a specially crafted HTML document (e.g., a web page or an HTML email message or attachment), a remote, unauthenticated attacker may be able to execute arbitrary code with the privileges of the user on a vulnerable system.
Apply an update
This vulnerability is addressed in Yahoo! Media Jukebox version 2.2.2.058, which comes with datagrid.dll version 220.127.116.11. This update may be applied with the automatic update functionality of the Yahoo! Media Jukebox software, or you can install it manually. Please see the Yahoo! Music Jukebox Security Update for more details.
This vulnerability was publicly disclosed by Krystian Kloskowski
This document was written by Will Dormann.