Metasploit modules that can be used to exploit Yahoo » Messenger

Order by Disclosure Date Module Name Module Type
  • Yahoo! Messenger YVerInfo.dll ActiveX Control Buffer Overflow
    Disclosure Date: 2007-08-30
    First seen: 2020-04-26
    exploit/windows/browser/yahoomessenger_fvcom
    This module exploits a stack buffer overflow in the Yahoo! Messenger ActiveX Control (YVerInfo.dll <= 2006.8.24.1). By sending an overly long string to the "fvCom()" method from a yahoo.com domain, an attacker may be able to execute arbitrary code. Authors: - MC <mc@metasploit.com>
  • Yahoo! Messenger 8.1.0.249 ActiveX Control Buffer Overflow
    Disclosure Date: 2007-06-05
    First seen: 2020-04-26
    exploit/windows/browser/yahoomessenger_server
    This module exploits a stack buffer overflow in the Yahoo! Webcam Upload ActiveX Control (ywcupl.dll) provided by Yahoo! Messenger version 8.1.0.249. By sending an overly long string to the "Server()" method, and then calling the "Send()" method, an attacker may be able to execute arbitrary code. Using the payloads "windows/shell_bind_tcp" and "windows/shell_reverse_tcp" yield for the best results. Authors: - MC <mc@metasploit.com>
2 metasploit modules found
Please note: Metasploit modules are only matched by CVE numbers. Visit metasploit web site for more details
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close