EUVD-2005-2598

Malware in sbrugna...

EUVD-2006-0533

Malware in sbrugna...

AOL CDDBControl ActiveX控件缓冲区溢出漏洞

AOL是一款流行的即时通信软件。 AOL Client Software处理"CDDBControlAOL.CDDBAOLControl" ActiveX控件存在问题，远程攻击者可以利用漏洞以应用程序进程权限执行任意指令。 当"CDDBControlAOL.CDDBAOLControl" ActiveX控件cddbcontrol.dll处理传递个"SetClientInfo"函数方法的"ClientId"参数时缺少正确的边界错误，提交超长字符串可发生基于堆栈的缓冲区溢出，精心构建参数数据可导致以应用程序进程权限执行任意指令。 AOL Client Software 9.0 Securit...

CVE-2005-2597

AOL Client Software 9.0 uses insecure permissions for its installation path, which allows local users to execute arbitrary code with SYSTEM privileges by replacing ACSD.exe with a malicious program...

aol-aim-tunnel.txt

The risks of using an AOL client behind a firewall Many users wish to use AOL client or AIM AOL Instant Messenger behind the company firewall. However, opening the firewall for an AOL client can present a security risk to the entire network. AOL client connects to the AOL server at port 5190. Thi...