Lucene search

[email protected]CVE-2006-5501

HistoryOct 25, 2006 - 10:07 p.m.

CVE-2006-5501

2006-10-2522:07:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2006-5501

aol

picdownloadctrl

activex

buffer overflow

remote code execution

vulnerability

8.1 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.161 Low

EPSS

Percentile

95.9%

JSON

Buffer overflow in the AOL.PicDownloadCtrl.1 ActiveX control (YGPPicDownload.dll) 9.2.3.0 in America Online (AOL) 9.0 Security Edition allows remote attackers to execute arbitrary code via the downloadFileDirectory property, a different vulnerability than CVE-2006-5502.

CPENameOperatorVersion
aol:aolaoleq9.0

CPE	Name	Operator	Version
aol:aol	aol	eq	9.0

References

labs.idefense.com/intelligence/vulnerabilities/display.php?id=430

secunia.com/advisories/22567

securitytracker.com/id?1017121

www.securityfocus.com/bid/20745

www.vupen.com/english/advisories/2006/4197

exchange.xforce.ibmcloud.com/vulnerabilities/29797

8.1 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.161 Low

EPSS

Percentile

95.9%

JSON

Related for CVE-2006-5501

cve1