CVE-2006-6603

Name of the Vulnerable Software and Affected Versions Yahoo! Messenger versions prior to 2005.1.1.4

Description A buffer overflow issue exists in the YMMAPI.YMailAttach ActiveX control, which can be exploited by remote attackers to execute arbitrary code via a crafted HTML document.

Recommendations For versions prior to 2005.1.1.4, update to version 2005.1.1.4 or later to resolve the issue. As a temporary workaround, consider disabling the YMMAPI.YMailAttach ActiveX control until a patch is applied.