CVE-2007-3147

This Metasploit module exploits a stack buffer overflow in Yahoo! Messenger 8.1.0.249's ActiveX control (ywcupl.dll) via an overly long string to the 'Server()' method followed by a 'Send()' call. It achieves remote code execution by leveraging a crafted payload and return address.

This exploit targets a heap overflow vulnerability in the Symantec Norton AntiVirus ActiveX control (clsid:DCE2F8B1-A520-11D4-8FD0-00D0B7730277) by spraying the heap with NOP sleds and shellcode, then triggering the overflow via the 'server' property. The shellcode executes calc.exe as a proof of concept.

This Metasploit module exploits a stack buffer overflow in Yahoo! Messenger 8.1.0.249's ActiveX control (ywcupl.dll) via an overly long string to the 'Server()' method followed by a 'Send()' call. It delivers a payload to achieve remote code execution.

This exploit targets a vulnerability in Yahoo's Ywcupl.dll ActiveX control (CVE-2007-3147) to achieve remote code execution. It generates an HTML file with malicious JavaScript that triggers a heap overflow, executing shellcode to download and run an arbitrary file from a specified URL.