Yahoo! Audio Conferencing contains a flaw that may allow a remote attacker to execute arbitrary code. The issue is due to an unchecked buffer in the Audio Conferencing ActiveX Control. If an attacker sends a specially crafted request, they may be able to overflow the buffer and execute arbitrary code.

Yahoo! Audio Conferencing ActiveX Control is used in Yahoo! Messenger and Yahoo! Chat.

Upgrade to version 1,0,0,45 or higher (pushed automatically upon connection), as it has been reported to fix this vulnerability. It is also possible to correct the flaw by implementing the following workaround:

The control can be disabled by removing the object from the Internet Explorer "Downloaded Program Files" cache and, if Yahoo! Messenger is installed, going into the Yahoo! Messenger directory (by default, C:\Program Files\Yahoo!\Messenger\) and running the following command:

regsvr32 /u yacscom.dll

• ISS X-Force ID: 12130
• CVE ID: 2003-1129 (see also: NVD)
• Keyword: 2B323CD9-50E3-11D3-9466-00A0C9700498 activex audio chat instant messenger Yahoo
• Bugtraq ID: 7561
• Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2003-05/0353.html
• Vendor Specific Advisory URL: http://help.yahoo.com/help/us/mesg/use/use-45.html

• Caesar - cesarc56yahoo.com -