CVE-2007-5017
CVE-2007-5017 describes an absolute path traversal vulnerability in a specific ActiveX control (the CYFT object in ft60.dll) used by Yahoo! Messenger 8.1.0.421. An attacker could supply a full pathname to the GetFile method to force a download or create/overwrite arbitrary files on the affected s...