CVE-2007-3147

EPSS 69.22% · P99 Updated Feb 27, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2007-3147

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

Buffer overflow in the Yahoo! Webcam Upload ActiveX control in ywcupl.dll 2.0.1.4 for Yahoo! Messenger 8.1.0.249 allows remote attackers to execute arbitrary code via a long server property value to the send method. NOTE: some of these details are obtained from third party information.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

雅虎通Webcam Upload ActiveX控件远程缓冲区溢出漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

雅虎通是一款非常流行的即时通讯工具。雅虎通的Webcam Upload ActiveX控件实现上存在缓冲区溢出漏洞，远程攻击者可能利用此漏洞控制用户机器。雅虎通的Webcam Upload(ywcupl.dll)ActiveX控件没有正确的验证对Server属性的输入。如果用户受骗访问了恶意站点向该属性传送了超长字符串然后又调用了Send()方式的话，就可能触发栈溢出，导致执行任意指令。漏洞起因是ActiveX控件在仅分配了1023字节的空间后对有漏洞的字符串调用了mbscpy。 03ada506

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Shenlong Deep Dive — AI Deep Analysis

10-question deep dive: root cause, exploitation, mitigation, urgency. Read summary free, full version requires login.

Read summary Full analysis (login)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2007-3147

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2007-3147

Please Login to view more intelligence information

http://research.eeye.com/html/advisories/upcoming/20070605.htmlx_refsource_MISC
http://research.eeye.com/html/advisories/published/AD20070608.htmlx_refsource_MISC
http://messenger.yahoo.com/security_update.php?id=060707x_refsource_CONFIRM
https://www.exploit-db.com/exploits/4042exploitx_refsource_EXPLOIT-DB
http://securityreason.com/securityalert/2809third-party-advisoryx_refsource_SREASON
http://www.securityfocus.com/bid/24354vdb-entryx_refsource_BID
http://secunia.com/advisories/25547third-party-advisoryx_refsource_SECUNIA
http://www.securityfocus.com/bid/24341vdb-entryx_refsource_BID
http://securitytracker.com/id?1018204vdb-entryx_refsource_SECTRACK
http://www.securitytracker.com/id?1018203vdb-entryx_refsource_SECTRACK
http://www.kb.cert.org/vuls/id/949817third-party-advisoryx_refsource_CERT-VN
http://www.vupen.com/english/advisories/2007/2094vdb-entryx_refsource_VUPEN
https://exchange.xforce.ibmcloud.com/vulnerabilities/34758vdb-entryx_refsource_XF
http://lists.grok.org.uk/pipermail/full-disclosure/2007-June/063817.htmlmailing-listx_refsource_FULLDISC
http://www.securityfocus.com/archive/1/470861/100/0/threadedmailing-listx_refsource_BUGTRAQ
https://nvd.nist.gov/vuln/detail/CVE-2007-3147

Same Patch Batch · n/a · 2007-06-11 · 50 CVEs total

CVE-2006-3974		3Com OfficeConnect Secure Router Tk Parameter 跨站脚本攻击漏洞
CVE-2005-4845		sun java_plug-in 配置错误漏洞
CVE-2007-3144		Opera Web Browser Basic Authentication Server 域名欺骗漏洞
CVE-2007-3145		Opera Web Browser Basic Authentication Server 域名欺骗漏洞
CVE-2007-3146		Zen Help Desk 敏感信息泄露漏洞
CVE-2007-3148		雅虎通Webcam Viewer ActiveX控件远程缓冲区溢出漏洞
CVE-2007-3149		Todd Miller Sudo本地绕过Kerberos认证漏洞
CVE-2007-3143		Opera Web Browser Basic Authentication Server 域名欺骗漏洞
CVE-2005-4841		Outlook Progress Ctl 拒绝服务攻击
CVE-2007-3150		Google Desktop　远程攻击漏洞
CVE-2005-4842		System Monitor Source Properties 拒绝服务攻击漏洞
CVE-2007-3178		Zindizayn Okul Web Sistemi SQL注入漏洞
CVE-2007-3177		Ingate Firewall and SIParator绕过SIP认证漏洞
CVE-2007-3176		Ingate Firewall和SIParator　未明漏洞
CVE-2007-3175		W2B Online Banking　SQL注入漏洞
CVE-2007-3174		W2B Online Banking　auth.w2b　跨站脚本攻击漏洞
CVE-2007-3173		Almnzm　orderid函数远程攻击漏洞
CVE-2007-3172		Uebimiau Webmail　目录遍历漏洞
CVE-2007-3171		Uebimiau Webmail远程攻击漏洞
CVE-2007-3170		Uebimiau Webmail　跨站脚本攻击漏洞

Showing top 20 of 50 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2007-3147

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2007-3147

I. Basic Information for CVE-2007-3147

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Shenlong Deep Dive — AI Deep Analysis

Affected Products

II. Public POCs for CVE-2007-3147

III. Intelligence Information for CVE-2007-3147

Same Patch Batch · n/a · 2007-06-11 · 50 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2007-3147

Leave a comment