Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Stack-based buffer overflow in the createAndJoinConference function in the AudioConf ActiveX control (yacscom.dll) in Yahoo! Messenger before 20070313 allows remote attackers to execute arbitrary code via long (1) socksHostname and (2) hostname properties.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
雅虎通音频会议ActiveX控件远程栈溢出漏洞
Vulnerability Description
雅虎通是一款非常流行的即时通讯工具。 雅虎通的音频会议ActiveX控件实现上存在缓冲区溢出漏洞,远程攻击者可能利用此漏洞控制用户机器。 在雅虎通的Yahoo.AudioConf控件中: DLL: yacscom.dll CLSID: 85A4A99C-8C3D-499E-A386-E0743DFF8FB7 如果攻击者为socksHostname和hostname属性指定了超长字符串,然后调用了createAndJoinConference(),就会触发栈溢出,导致执行任意指令。
CVSS Information
N/A
Vulnerability Type
N/A