Excepti0N

#14443of 53,624
18.6Total CVSS
Vulnerabilities · 2
High
2
PT-2007-4430
9.3
2007-06-11
Yahoo · Yahoo! Messenger · CVE-2007-3147
Name of the Vulnerable Software and Affected Versions: Yahoo! Messenger version 8.1.0.249 ywcupl.dll version 2.0.1.4 Description: A buffer overflow issue exists in the Yahoo! Webcam Upload ActiveX control, allowing remote attackers to execute arbitrary code via a long server property value to the `send` method. Recommendations: For Yahoo! Messenger version 8.1.0.249, consider disabling the ywcupl.dll until a patch is available. For ywcupl.dll version 2.0.1.4, restrict access to the `send` method to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2007-4431
9.3
2007-06-11
Yahoo · Yahoo! Messenger · CVE-2007-3148
Name of the Vulnerable Software and Affected Versions: Yahoo! Messenger version 8.1.0.249 Description: A buffer overflow issue exists in the Yahoo! Webcam Viewer ActiveX control, allowing remote attackers to execute arbitrary code via a long server property value to the `receive` method. Recommendations: For Yahoo! Messenger version 8.1.0.249, consider disabling the `receive` method in the Yahoo! Webcam Viewer ActiveX control until a patch is available.