Yahoo!.Widgets.YDP.ActiveX.Control.Command.Execution
Description
This indicates a vulnerability in Yahoo! Widgets. The vulnerability is caused by a stack based buffer overflow in the "GetComponentVersion()" method within the YDPCTL.dll ActiveX control. It allows remote attackers to cause a denial of service via a crafted web page.
Affected Products
Yahoo! Widgets versions prior to 4.0.5
Impact
Denial of service.
Recommended Actions
Currently we are not aware of any official fix for this issue.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |
Version Updates
Date | Version | Detail |
---|---|---|
2020-11-04 | 16.956 | Name:Yahoo. Widgets. YDP. ActiveX. Control. Command. Execution:Yahoo!. Widgets. YDP. ActiveX. Control. Command. Execution |