CVE-2006-3888

Sažetak

Buffer overflow in AOL You've Got Pictures (YGP) Pic Downloader YGPPDownload ActiveX control (AOL.PicDownloadCtrl.1, YGPPicDownload.dll), as used in America Online 9.0 Security Edition, allows remote attackers to execute arbitrary code via a long argument to the SetAlbumName method.

Reference

http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=420
http://secunia.com/advisories/22304
http://securitytracker.com/id?1017024
http://www.kb.cert.org/vuls/id/661524
http://www.kb.cert.org/vuls/id/MIMG-6MUUJ8
http://www.securityfocus.com/bid/20425
http://www.securityfocus.com/bid/20472
http://www.vupen.com/english/advisories/2006/3967
https://exchange.xforce.ibmcloud.com/vulnerabilities/29410
https://exchange.xforce.ibmcloud.com/vulnerabilities/29494

CVSS

Base:	7.5
Impact:	6.4
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:N/AC:L/Au:N/C:P/I:P/A:P

Zadnje važnije ažuriranje

20-07-2017 - 01:32

Objavljeno

10-10-2006 - 23:07