CVE-2012-0268

Integer overflow in the CYImage::LoadJPG method in YImage.dll in Yahoo! Messenger before 11.5.0.155, when photo sharing is enabled, might allow remote attackers to execute arbitrary code via a crafted JPG image that triggers a heap-based buffer overflow.

Published: 2012-01-19 Last update: 2026-04-29 Assigner: [email protected] Source: [email protected]
NVD Status:ModifiedCVE State: published
View at NVD, CVE.org, EUVD

CVE-2012-0268 is rated Moderate Risk (48.2/100): CVSS Medium severity, with medium exploitation likelihood (EPSS 1.58%). Review affected assets and schedule remediation.

Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.

Exploit prediction scoring system (EPSS) score for CVE-2012-0268

EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).

# Date Old EPSS score New EPSS score Delta (New - Old)
1 2025-03-30 1.78% 1.58% -0.20%
2 2025-03-29 1.58% 1.78% +0.20%
3 2025-03-17 1.58%

Full EPSS history (10 records total)

Common vulnerability scoring system (CVSS) metrics for CVE-2012-0268

CVSS metrics for this CVE.

Base score Version Severity Vector Exploitability Impact Score source
5.1 2.0 MEDIUM
AV:N/AC:H/Au:N/C:P/I:P/A:P Click to expand
Access vector (AV:N)
Can be exploited remotely over network reachability.
Access complexity (AC:H)
Exploitation requires uncommon or highly specific conditions.
Authentication (AU:N)
No authentication is required.
Confidentiality impact (C:P)
Partial confidentiality impact.
Integrity impact (I:P)
Partial integrity impact.
Availability impact (A:P)
Partial availability impact.
 4.9 6.4 [email protected]

Weakness enumeration for CVE-2012-0268

Affected software / configurations for CVE-2012-0268

Vendor Product Version Raw CPE
yahoo messenger <= 11.5.0.152 cpe:2.3:a:yahoo:messenger:*:*:*:*:*:*:*:*
yahoo messenger 0.99.17-1 cpe:2.3:a:yahoo:messenger:0.99.17-1:*:*:*:*:*:*:*
yahoo messenger 1.0 cpe:2.3:a:yahoo:messenger:1.0:*:*:*:*:*:*:*
yahoo messenger 1.0.4 cpe:2.3:a:yahoo:messenger:1.0.4:*:*:*:*:*:*:*
yahoo messenger 1.0.6 cpe:2.3:a:yahoo:messenger:1.0.6:*:*:*:*:*:*:*
yahoo messenger 2.0.1.4 cpe:2.3:a:yahoo:messenger:2.0.1.4:*:*:*:*:*:*:*
yahoo messenger 3.0 cpe:2.3:a:yahoo:messenger:3.0:*:*:*:*:*:*:*
yahoo messenger 3.0.1 cpe:2.3:a:yahoo:messenger:3.0.1:*:*:*:*:*:*:*
yahoo messenger 3.0.1 cpe:2.3:a:yahoo:messenger:3.0.1:beta-35554:*:*:*:*:*:*
yahoo messenger 3.5 cpe:2.3:a:yahoo:messenger:3.5:*:*:*:*:*:*:*
yahoo messenger 4.0 cpe:2.3:a:yahoo:messenger:4.0:*:*:*:*:*:*:*
yahoo messenger 4.1 cpe:2.3:a:yahoo:messenger:4.1:*:*:*:*:*:*:*
yahoo messenger 5.0 cpe:2.3:a:yahoo:messenger:5.0:*:*:*:*:*:*:*
yahoo messenger 5.0.1046 cpe:2.3:a:yahoo:messenger:5.0.1046:*:*:*:*:*:*:*
yahoo messenger 5.0.1065 cpe:2.3:a:yahoo:messenger:5.0.1065:*:*:*:*:*:*:*
yahoo messenger 5.0.1232 cpe:2.3:a:yahoo:messenger:5.0.1232:*:*:*:*:*:*:*
yahoo messenger 5.5 cpe:2.3:a:yahoo:messenger:5.5:*:*:*:*:*:*:*
yahoo messenger 5.5.1249 cpe:2.3:a:yahoo:messenger:5.5.1249:*:*:*:*:*:*:*
yahoo messenger 5.6 cpe:2.3:a:yahoo:messenger:5.6:*:*:*:*:*:*:*
yahoo messenger 5.6.0.1347 cpe:2.3:a:yahoo:messenger:5.6.0.1347:*:*:*:*:*:*:*
yahoo messenger 5.6.0.1351 cpe:2.3:a:yahoo:messenger:5.6.0.1351:*:*:*:*:*:*:*
yahoo messenger 5.6.0.1355 cpe:2.3:a:yahoo:messenger:5.6.0.1355:*:*:*:*:*:*:*
yahoo messenger 5.6.0.1356 cpe:2.3:a:yahoo:messenger:5.6.0.1356:*:*:*:*:*:*:*
yahoo messenger 5.6.0.1358 cpe:2.3:a:yahoo:messenger:5.6.0.1358:*:*:*:*:*:*:*
yahoo messenger 6.0 cpe:2.3:a:yahoo:messenger:6.0:*:*:*:*:*:*:*
yahoo messenger 6.0.0.1643 cpe:2.3:a:yahoo:messenger:6.0.0.1643:*:*:*:*:*:*:*
yahoo messenger 6.0.0.1750 cpe:2.3:a:yahoo:messenger:6.0.0.1750:*:*:*:*:*:*:*
yahoo messenger 6.0.0.1921 cpe:2.3:a:yahoo:messenger:6.0.0.1921:*:*:*:*:*:*:*
yahoo messenger 6.1 cpe:2.3:a:yahoo:messenger:6.1:*:*:*:*:*:*:*
yahoo messenger 7.0 cpe:2.3:a:yahoo:messenger:7.0:*:*:*:*:*:*:*
yahoo messenger 7.0.0.426 cpe:2.3:a:yahoo:messenger:7.0.0.426:*:*:*:*:*:*:*
yahoo messenger 7.0.0.437 cpe:2.3:a:yahoo:messenger:7.0.0.437:*:*:*:*:*:*:*
yahoo messenger 7.0.438 cpe:2.3:a:yahoo:messenger:7.0.438:*:*:*:*:*:*:*
yahoo messenger 7.5 cpe:2.3:a:yahoo:messenger:7.5:*:*:*:*:*:*:*
yahoo messenger 7.5.0.814 cpe:2.3:a:yahoo:messenger:7.5.0.814:*:*:*:*:*:*:*
yahoo messenger 8.0 cpe:2.3:a:yahoo:messenger:8.0:*:*:*:*:*:*:*
yahoo messenger 8.0.0.505 cpe:2.3:a:yahoo:messenger:8.0.0.505:*:*:*:*:*:*:*
yahoo messenger 8.0.0.508 cpe:2.3:a:yahoo:messenger:8.0.0.508:*:*:*:*:*:*:*
yahoo messenger 8.0.0.701 cpe:2.3:a:yahoo:messenger:8.0.0.701:*:*:*:*:*:*:*
yahoo messenger 8.0.0.716 cpe:2.3:a:yahoo:messenger:8.0.0.716:*:*:*:*:*:*:*
yahoo messenger 8.0.0.863 cpe:2.3:a:yahoo:messenger:8.0.0.863:*:*:*:*:*:*:*
yahoo messenger 8.0.1 cpe:2.3:a:yahoo:messenger:8.0.1:*:*:*:*:*:*:*
yahoo messenger 8.0_2005.1.1.4 cpe:2.3:a:yahoo:messenger:8.0_2005.1.1.4:*:*:*:*:*:*:*
yahoo messenger 8.1 cpe:2.3:a:yahoo:messenger:8.1:*:*:*:*:*:*:*
yahoo messenger 8.1.0.195 cpe:2.3:a:yahoo:messenger:8.1.0.195:*:*:*:*:*:*:*
yahoo messenger 8.1.0.209 cpe:2.3:a:yahoo:messenger:8.1.0.209:*:*:*:*:*:*:*
yahoo messenger 8.1.0.239 cpe:2.3:a:yahoo:messenger:8.1.0.239:*:*:*:*:*:*:*
yahoo messenger 8.1.0.244 cpe:2.3:a:yahoo:messenger:8.1.0.244:*:*:*:*:*:*:*
yahoo messenger 8.1.0.249 cpe:2.3:a:yahoo:messenger:8.1.0.249:*:*:*:*:*:*:*
yahoo messenger 8.1.0.401 cpe:2.3:a:yahoo:messenger:8.1.0.401:*:*:*:*:*:*:*
yahoo messenger 8.1.0.402 cpe:2.3:a:yahoo:messenger:8.1.0.402:*:*:*:*:*:*:*
yahoo messenger 8.1.0.413 cpe:2.3:a:yahoo:messenger:8.1.0.413:*:*:*:*:*:*:*
yahoo messenger 8.1.0.416 cpe:2.3:a:yahoo:messenger:8.1.0.416:*:*:*:*:*:*:*
yahoo messenger 8.1.0.419 cpe:2.3:a:yahoo:messenger:8.1.0.419:*:*:*:*:*:*:*
yahoo messenger 8.1.0.421 cpe:2.3:a:yahoo:messenger:8.1.0.421:*:*:*:*:*:*:*
yahoo messenger 9.0.0.797 cpe:2.3:a:yahoo:messenger:9.0.0.797:beta:*:*:*:*:*:*
yahoo messenger 9.0.0.907 cpe:2.3:a:yahoo:messenger:9.0.0.907:beta:*:*:*:*:*:*
yahoo messenger 9.0.0.922 cpe:2.3:a:yahoo:messenger:9.0.0.922:beta:*:*:*:*:*:*
yahoo messenger 9.0.0.1389 cpe:2.3:a:yahoo:messenger:9.0.0.1389:beta:*:*:*:*:*:*
yahoo messenger 9.0.0.1912 cpe:2.3:a:yahoo:messenger:9.0.0.1912:*:*:*:*:*:*:*
yahoo messenger 9.0.0.2018 cpe:2.3:a:yahoo:messenger:9.0.0.2018:*:*:*:*:*:*:*
yahoo messenger 9.0.0.2034 cpe:2.3:a:yahoo:messenger:9.0.0.2034:*:*:*:*:*:*:*
yahoo messenger 9.0.0.2112 cpe:2.3:a:yahoo:messenger:9.0.0.2112:*:*:*:*:*:*:*
yahoo messenger 9.0.0.2123 cpe:2.3:a:yahoo:messenger:9.0.0.2123:*:*:*:*:*:*:*
yahoo messenger 9.0.0.2128 cpe:2.3:a:yahoo:messenger:9.0.0.2128:*:*:*:*:*:*:*
yahoo messenger 9.0.0.2133 cpe:2.3:a:yahoo:messenger:9.0.0.2133:*:*:*:*:*:*:*
yahoo messenger 9.0.0.2136 cpe:2.3:a:yahoo:messenger:9.0.0.2136:*:*:*:*:*:*:*
yahoo messenger 9.0.0.2152 cpe:2.3:a:yahoo:messenger:9.0.0.2152:*:*:*:*:*:*:*
yahoo messenger 9.0.0.2160 cpe:2.3:a:yahoo:messenger:9.0.0.2160:*:*:*:*:*:*:*
yahoo messenger 9.0.0.2161 cpe:2.3:a:yahoo:messenger:9.0.0.2161:*:*:*:*:*:*:*
yahoo messenger 9.0.0.2162 cpe:2.3:a:yahoo:messenger:9.0.0.2162:*:*:*:*:*:*:*
yahoo messenger 10.0.0.331 cpe:2.3:a:yahoo:messenger:10.0.0.331:pre-alpha:*:*:*:*:*:*
yahoo messenger 10.0.0.525 cpe:2.3:a:yahoo:messenger:10.0.0.525:beta:*:*:*:*:*:*
yahoo messenger 10.0.0.542 cpe:2.3:a:yahoo:messenger:10.0.0.542:beta:*:*:*:*:*:*
yahoo messenger 10.0.0.1102 cpe:2.3:a:yahoo:messenger:10.0.0.1102:*:*:*:*:*:*:*
yahoo messenger 10.0.0.1241 cpe:2.3:a:yahoo:messenger:10.0.0.1241:*:*:*:*:*:*:*
yahoo messenger 10.0.0.1258 cpe:2.3:a:yahoo:messenger:10.0.0.1258:*:*:*:*:*:*:*
yahoo messenger 10.0.0.1264 cpe:2.3:a:yahoo:messenger:10.0.0.1264:*:*:*:*:*:*:*
yahoo messenger 10.0.0.1267 cpe:2.3:a:yahoo:messenger:10.0.0.1267:*:*:*:*:*:*:*
yahoo messenger 10.0.0.1270 cpe:2.3:a:yahoo:messenger:10.0.0.1270:*:*:*:*:*:*:*

References for CVE-2012-0268

URL Tags
http://secunia.com/advisories/47041 Vendor Advisory
cvelogic Threat Intelligence