Yahoo! Assistant 3.6 - 'yNotifier.dll' ActiveX Control Memory Corruption

Author: Sowhat
type: dos
platform: windows
port: 
date_added: 2008-05-06  
date_updated: 2014-02-19  
verified: 1  
codes: CVE-2008-2111;OSVDB-44852  
tags:   
aliases:   
screenshot_url:   
application_url:   

raw file: 31748.txt  

source: https://www.securityfocus.com/bid/29065/info

Yahoo! Assistant 'yNotifier.dll' ActiveX control is prone to a memory-corruption vulnerability.

Successfully exploiting this issue may allow remote attackers to execute arbitrary code in the context of the application using the affected ActiveX control. Failed exploit attempts will likely crash the application.

The issue affects Yahoo! Assistant 3.6 and prior versions.

<object classid='clsid:2283BB66-A15D-4AC8-BA72-9C8C9F5A1691'>