Vulnerabilities > AOL > AOL > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2006-10-25 | CVE-2006-5502 | Buffer Overflow vulnerability in AOL 9.0 Heap-based buffer overflow in the AOL.PicDownloadCtrl.1 ActiveX control (YGPPicDownload.dll) 9.2.3.0 in America Online (AOL) 9.0 Security Edition allows remote attackers to execute arbitrary code via the AddPictureNoAlbum method, a different vulnerability than CVE-2006-5501. | 7.5 |
| 2006-10-25 | CVE-2006-5501 | Buffer Overflow vulnerability in AOL 9.0 Buffer overflow in the AOL.PicDownloadCtrl.1 ActiveX control (YGPPicDownload.dll) 9.2.3.0 in America Online (AOL) 9.0 Security Edition allows remote attackers to execute arbitrary code via the downloadFileDirectory property, a different vulnerability than CVE-2006-5502. | 7.5 |
| 2006-08-21 | CVE-2006-0948 | Local Privilege Escalation vulnerability in AOL 9.04184.2340 AOL 9.0 Security Edition revision 4184.2340, and probably other versions, uses insecure permissions (Everyone/Full Control) for the "America Online 9.0" directory, which allows local users to gain privileges by replacing critical files. | 7.2 |