eEye Digital Security has discovered two critical vulnerabilities in ywcupl.dll (version 2.0.1.4) and ywcvwr.dll (version 2.0.1.4) included by default in all releases of Yahoo! Messenger 8.x.
d9613dbb76bafe2f5a875521f8e0028a1306fdcd3e8bbff5b802d3921f26ac89