CVE-2003-1129

Yahoo Audio Conferencing Activex Control - Buffer Overflow

Title source: rule

Description

Buffer overflow in the Yahoo! Audio Conferencing (aka Voice Chat) ActiveX control before 1,0,0,45 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a URL with a long hostname to Yahoo! Messenger or Yahoo! Chat.

Exploits (1)

exploitdb WORKING POC VERIFIED

by cesaro · htmlremotewindows

https://www.exploit-db.com/exploits/22593

View Code ZIP pw:eip

References (6)

[Various Sources] http://help.yahoo.com/help/us/mesg/use/use-45.html

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/7561

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/12130

[Third Party Advisory, US Government Resource] http://www.kb.cert.org/vuls/id/272644

[Patch] http://secunia.com/advisories/8924

[Patch] http://www.securityfocus.com/archive/1/323439

Scores

EPSS 0.3355

EPSS Percentile 97.0%

Details

Status published

Products (1)

yahoo/audio_conferencing_activex_control 1.0.0.43

Published Dec 31, 2003

Tracked Since Feb 18, 2026