Lucene search

[email protected]CVE-2006-5502

HistoryOct 25, 2006 - 10:07 p.m.

CVE-2006-5502

2006-10-2522:07:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2006-5502

aol

picdownloadctrl

activex

buffer overflow

remote code execution

security vulnerability

8.3 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.161 Low

EPSS

Percentile

95.9%

JSON

Heap-based buffer overflow in the AOL.PicDownloadCtrl.1 ActiveX control (YGPPicDownload.dll) 9.2.3.0 in America Online (AOL) 9.0 Security Edition allows remote attackers to execute arbitrary code via the AddPictureNoAlbum method, a different vulnerability than CVE-2006-5501.

CPENameOperatorVersion
aol:aolaoleq9.0

CPE	Name	Operator	Version
aol:aol	aol	eq	9.0

References

labs.idefense.com/intelligence/vulnerabilities/display.php?id=429

secunia.com/advisories/22567

securitytracker.com/id?1017121

www.securityfocus.com/bid/20747

www.vupen.com/english/advisories/2006/4197

exchange.xforce.ibmcloud.com/vulnerabilities/29795

8.3 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.161 Low

EPSS

Percentile

95.9%

JSON

Related for CVE-2006-5502

cve1