Unrated severityNVD Advisory· Published Dec 15, 2006· Updated Apr 23, 2026
CVE-2006-6603
CVE-2006-6603
Description
Buffer overflow in the YMMAPI.YMailAttach ActiveX control (ymmapi.dll) before 2005.1.1.4 in Yahoo! Messenger allows remote attackers to execute arbitrary code via a crafted HTML document. NOTE: some details were obtained from third party information.
Affected products
7cpe:2.3:a:yahoo:messenger:*:*:*:*:*:*:*:*+ 6 more
- cpe:2.3:a:yahoo:messenger:*:*:*:*:*:*:*:*range: <=8.0
- cpe:2.3:a:yahoo:messenger:5.0:*:*:*:*:*:*:*
- cpe:2.3:a:yahoo:messenger:5.5:*:*:*:*:*:*:*
- cpe:2.3:a:yahoo:messenger:5.6:*:*:*:*:*:*:*
- cpe:2.3:a:yahoo:messenger:6.0:*:*:*:*:*:*:*
- cpe:2.3:a:yahoo:messenger:7.0:*:*:*:*:*:*:*
- cpe:2.3:a:yahoo:messenger:7.5:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
6- messenger.yahoo.com/security_update.phpnvdPatchVendor Advisory
- secunia.com/advisories/23401nvdPatchVendor Advisory
- securitytracker.com/idnvdPatch
- www.kb.cert.org/vuls/id/901852nvdPatchUS Government Resource
- www.securityfocus.com/bid/21607nvdPatch
- www.vupen.com/english/advisories/2006/5016nvd
News mentions
0No linked articles in our index yet.