I use Yahoo Messenger a lot. Sometimes I even login via meebo.com
Looks like there is a bug on that software. It is triggered when a user accepts an invitation to use their Web camera. Read more below
Details of the vulnerability were first posted on a Chinese-language security forum and was later confirmed with Yahoo security officials, wrote Wei Wang, a researcher with McAfee’s Avert lab in Beijing, on a company blog.
So far, no exploit code has been published, wrote Karthik Raman, also of McAfee.
The vulnerability affects Yahoo Messenger version 8.1.0.413. It is triggered when a user accepts an invitation to use their Web camera. The type of vulnerability is called a heap overflow, where a piece of code can be executed with improper permissions, which can allow for further malicious behavior such as downloading other code, said Greg Day, a security analyst for McAfee in the U.K.
McAfee is advising that people reject Web camera invitations until Yahoo issues a patch. Users can also block outgoing traffic on TCP port 5100, which is affiliated with program’s operation, Day said.