Yahoo! Messenger Audio Conferencing ActiveX Control Remote Buffer Overflow Vulnerability

Yahoo! Messenger Audio Conferencing ActiveX Control Remote Buffer Overflow Vulnerability

The Audio Conferencing ActiveX control shipped with Yahoo! Messenger is prone to a buffer-overflow vulnerability. The software fails to perform sufficient bounds-checking of user-supplied input before copying it to an insufficiently sized memory buffer.

Yahoo! Messenger versions released prior to March 13, 2007 are vulnerable to this issue.