Yahoo Messenger Webcam ActiveX Exploit

This module exploits a vulnerability in the Yahoo Messenger Webcam 8.1 ActiveX Control (ywcvwr.dll). When the Receive() method processes a long string argument, a stack based buffer overflow occurs allowing execution of arbitrary code. This exploit is triggered when an unsuspecting user is lured into visiting a malicious web-site hosted by CORE IMPACT.
Exploit type: 
Platform: 
Vulnerabilty ID: 
CVE-2007-3148
Product Version: 
6.2
Released Date: 
Monday, June 11, 2007 - 00:00