Technical Description

Multiple vulnerabilities have been identified in AOL, which could be exploited by remote attackers to take complete control of an affected system.

The first issue is due to a buffer overflow error in the YGP (You've Got Pictures) Screensaver ActiveX control when processing malformed arguments passed to certain methods, which could be exploited by remote attackers to execute arbitrary commands via a specially crafted web page.

The second vulnerability is due to a buffer overflow error in the YGP (You've Got Pictures) Pic Downloader ActiveX control when processing overly long arguments passed to certain methods, which could be exploited by remote attackers to execute arbitrary commands by tricking a user into visiting a malicious web page.

Thethird flaw is due to a buffer overflow error in the YGP (You've Got Pictures) Pic Downloader ActiveX control when processing a malformed "SetAlbumName()" method, which could be exploited by remote attackers to execute arbitrary commands via a specially crafted web page.

Affected Products

AOL version 9.0 and prior
AOL version 9.0 (Security Edition) and prior

Solution

Log in to the AOL service to apply patches automatically :
http://free.aol.com/downloadaol

References

http://www.vupen.com/english/advisories/2006/3967
http://www.kb.cert.org/vuls/id/661524
http://www.kb.cert.org/vuls/id/154641

Credits

Vulnerabilities reported by Will Dormann (CERT/CC) and iDEFENSE.

ChangeLog

2006-10-10 : Initial release
2006-10-11 : Additional Vulnerability

Vulnerability Management

Subscribe to VUPEN VNS and receive real-time alerts when new advisories or patches relevant to your systems and network configurations are available.

Feedback

If you have additional information or corrections for this security advisory please submit them via our contact form.