PT-2007-1187 · America Online · Superbuddy Activex Control+1

Cody Pierce

Publicado

2007-04-02

Atualizado

2018-10-17

CVE-2006-5820

CVSS v2.0

9.3

Alta

Vetor

AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions: America Online version 9.0 Security Edition

Description: The issue concerns the LinkSBIcons method in the SuperBuddy ActiveX control, which dereferences an arbitrary function pointer. This allows remote attackers to execute arbitrary code via a modified pointer value.

Recommendations: For America Online version 9.0 Security Edition, consider disabling the LinkSBIcons method in the SuperBuddy ActiveX control as a temporary workaround until a patch is available.

Exploit

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2006-5820

Produtos afetados

America Online

Superbuddy Activex Control

PT-2007-1187 · America Online · Superbuddy Activex Control+1

CVE-2006-5820

Identificadores relacionados

Produtos afetados

Referências · 11