Buffer Overflow Vulnerability in Yahoo! Messenger ActiveX Control
CVE-2006-6603

Currently unrated

Key Information:

Vendor: Yahoo
Status: Messenger
Vendor: CVE Published:; 15 December 2006

What is CVE-2006-6603?

A buffer overflow vulnerability exists in the YMMAPI.YMailAttach ActiveX control (ymmapi.dll) used by Yahoo! Messenger, which allows remote attackers to execute arbitrary code through a specially crafted HTML document. This security flaw can lead to malicious exploitation, putting users' systems at risk. It is essential to update to the latest versions to mitigate potential threats.

References

http://securitytracker.com/id?1017387

vdb-entryx_refsource_SECTRACK

http://www.securityfocus.com/bid/21607

vdb-entryx_refsource_BID

http://www.kb.cert.org/vuls/id/901852

third-party-advisoryx_refsource_CERT-VN

EPSS Score

6% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 15, 2006
Vulnerability Reserved
Dec 15, 2006

CVE-2006-6603 Data

JSON