This script is Copyright (C) 2007-2017 Tenable Network Security, Inc.
The remote Windows host has an ActiveX control that is affected by
multiple buffer overflow vulnerabilities.
The remote host contains the 'YVerInfo' ActiveX control, distributed
as part of the Yahoo! services suite typically downloaded with the
installer for Yahoo! Messenger.
The version of this control installed on the remote host reportedly
contains buffer overflows involving its 'fvCom' and 'info' methods.
If an attacker can trick a user on the affected host into visiting a
specially crafted web page, this issue could be leveraged to execute
arbitrary code on the host subject to the user's privileges.
See also :
Either disable the use of this ActiveX control from within Internet
Explorer by setting its kill bit or upgrade to Yahoo! Messenger
version 220.127.116.119 (version 2007.8.27.1 of the YVerInfo control itself)
Risk factor :
High / CVSS Base Score : 9.3
CVSS Temporal Score : 7.7
Public Exploit Available : true