Vulnerabilities > AOL > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2009-10-09 | CVE-2009-3658 | Use After Free vulnerability in AOL Superbuddy Activex Control 9.5.0.1 Use-after-free vulnerability in the Sb.SuperBuddy.1 ActiveX control (sb.dll) in America Online (AOL) 9.5.0.1 allows remote attackers to trigger memory corruption or possibly execute arbitrary code via a malformed argument to the SetSuperBuddy method. | 8.8 |
| 2007-03-30 | CVE-2007-1767 | Denial-Of-Service vulnerability in AOL Client Software 9.0 Unspecified vulnerability in (1) Deskbar.dll and (2) Toolbar.dll in AOL 9.0 before February 2007 allows remote attackers to cause a denial of service (browser crash) via unknown vectors. | 7.8 |
| 2006-11-07 | CVE-2006-5650 | Remote Code Execution vulnerability in AOL ICQ 5.1 The ICQPhone.SipxPhoneManager ActiveX control in America Online ICQ 5.1 allows remote attackers to download and execute arbitrary code via the DownloadAgent function, as demonstrated using an ICQ avatar. | 7.5 |
| 2006-10-25 | CVE-2006-5502 | Buffer Overflow vulnerability in AOL 9.0 Heap-based buffer overflow in the AOL.PicDownloadCtrl.1 ActiveX control (YGPPicDownload.dll) 9.2.3.0 in America Online (AOL) 9.0 Security Edition allows remote attackers to execute arbitrary code via the AddPictureNoAlbum method, a different vulnerability than CVE-2006-5501. | 7.5 |
| 2006-10-25 | CVE-2006-5501 | Buffer Overflow vulnerability in AOL 9.0 Buffer overflow in the AOL.PicDownloadCtrl.1 ActiveX control (YGPPicDownload.dll) 9.2.3.0 in America Online (AOL) 9.0 Security Edition allows remote attackers to execute arbitrary code via the downloadFileDirectory property, a different vulnerability than CVE-2006-5502. | 7.5 |
| 2006-10-10 | CVE-2006-3888 | Buffer Overflow vulnerability in AOL You've Got Pictures ActiveX Controls Buffer overflow in AOL You've Got Pictures (YGP) Pic Downloader YGPPDownload ActiveX control (AOL.PicDownloadCtrl.1, YGPPicDownload.dll), as used in America Online 9.0 Security Edition, allows remote attackers to execute arbitrary code via a long argument to the SetAlbumName method. | 7.5 |
| 2006-10-10 | CVE-2006-3887 | Buffer Overflow vulnerability in AOL You've Got Pictures ActiveX Controls Buffer overflow in AOL You've Got Pictures (YGP) Screensaver ActiveX control allows remote attackers to execute arbitrary code via unspecified vectors. | 7.5 |
| 2006-08-21 | CVE-2006-0948 | Local Privilege Escalation vulnerability in AOL 9.04184.2340 AOL 9.0 Security Edition revision 4184.2340, and probably other versions, uses insecure permissions (Everyone/Full Control) for the "America Online 9.0" directory, which allows local users to gain privileges by replacing critical files. | 7.2 |
| 2006-02-02 | CVE-2006-0526 | Local Privilege Escalation vulnerability in AOL Client Software 8.0/9.0 The default configuration of the America Online (AOL) client software allows all users to modify a certain registry value that specifies a DLL file name, which might allow local users to gain privileges via a Trojan horse program. | 7.2 |
| 2005-08-17 | CVE-2005-2597 | Local Privilege Escalation vulnerability in AOL Client Software 9.0 AOL Client Software 9.0 uses insecure permissions for its installation path, which allows local users to execute arbitrary code with SYSTEM privileges by replacing ACSD.exe with a malicious program. | 7.2 |