7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
7.8 High
AI Score
Confidence
High
0.308 Low
EPSS
Percentile
97.0%
Buffer overflow in AOL You’ve Got Pictures (YGP) Pic Downloader YGPPDownload ActiveX control (AOL.PicDownloadCtrl.1, YGPPicDownload.dll), as used in America Online 9.0 Security Edition, allows remote attackers to execute arbitrary code via a long argument to the SetAlbumName method.
CPE | Name | Operator | Version |
---|---|---|---|
aol:ygp_pic_downloader_activex_control | aol ygp pic downloader activex control | eq | * |
labs.idefense.com/intelligence/vulnerabilities/display.php?id=420
secunia.com/advisories/22304
securitytracker.com/id?1017024
www.kb.cert.org/vuls/id/661524
www.kb.cert.org/vuls/id/MIMG-6MUUJ8
www.securityfocus.com/bid/20425
www.securityfocus.com/bid/20472
www.vupen.com/english/advisories/2006/3967
exchange.xforce.ibmcloud.com/vulnerabilities/29410
exchange.xforce.ibmcloud.com/vulnerabilities/29494