Clusterphuck, that's because I haven't reported the buffer boot vulnerability exploitation details yet. I still have my write up waiting to be sent in to them. I will certainly submit it though, soon, along with several other SERIOUS, one of which is critical, vulnerabilities which I obviously won't be sharing here. Two of these are ban exploits, one is a XSS vuln (stealing cookies, ETS/Eoptions string encoded pass from the registry if it's there, etc), and some others.

I will kick this project off very soon and it will, or at least should, be quite helpful to the Yahoo! Messenger development team. Right now I've been really busy with other things, including the next build of YTK Enhanced and another project I'm working on on the side.