This is re recent response from Yahoo to me. They may patch it at their server; I don't have time to check yet.
Regards, Trihuynh Sentryunion ----- Original Message ----- From: "Yahoo Security Contact" <[EMAIL PROTECTED]> To: "Tri Huynh" <[EMAIL PROTECTED]> Sent: Thursday, January 08, 2004 1:05 AM Subject: Re: Yahoo Instant Messenger Long Filename Downloading Buffer Overflow > > Yahoo Instant Messenger Long Filename Downloading Buffer Overflow > > VULNERABLE VERSIONS: 5.6.0.1351 and below > > Thank you for contacting Yahoo! Security. We are currently > reviewing your report. We have confirmed the issue you report affects build 1351 and below. It does not appear to affect builds 1355, 1356, which were already available for download nor build 1358 which was recently made available. We are currently working through the testing and release cycle for additional updates to further protect against the issue and will update you further within 2 - 4 business days. Please feel free to contact us if you questions about the status in the interim. Best regards, Yahoo! Security Contact _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
