AOL Desktop is an internet suite that integrates a web browser, media player, and IM client.
A heap overflow vulnerability exists in the Rich Text file parser of AOL Desktop 9.x. In documents with HTML links, the parser does not properly validate the length of the "HREF" attribute in "A" tags.
This vulnerability has not been patched by the vendor.
This exploit works against AOL Desktop 9.6 running on Microsoft Windows XP SP3 English (DEP OptIn).
Windows Vista / Windows 7