Yahoo! Webcam ActiveX Control Buffer Overrun Vulnerability

info
discussion
exploit
solution
references

Yahoo! Webcam ActiveX Control Buffer Overrun Vulnerability

A buffer overrun has been discovered in the Yahoo! Webcam ActiveX control. The problem occurs due to insufficient bounds checking when handling user-supplied Webcam parameters. As a result, an attacker may be capable of hosting a malicious website designed to exploit this issue to execute arbitrary code, within the context of a victim users web browser.