3 matches found
GraceNote CDDBControl ActiveX Control Buffer Overflow (CVE-2006-3134; CVE-2006-6442)
A vulnerability has been discovered in America Online AOL CDDB ActiveX Control. Gracenote CDDB ActiveX control contains a buffer overflow error that allows remote attackers to execute arbitrary code via a long option string. A remote attacker could exploit this flaw to execute arbitrary code and...
CVE-2006-6442
Stack-based buffer overflow in the SetClientInfo function in the CDDBControlAOL.CDDBAOLControl ActiveX control cddbcontrol.dll, as used in America Online AOL 7.0 4114.563, 8.0 4129.230, and 9.0 Security Edition 4156.910, and possibly other products, allows remote attackers to execute arbitrary co...
CVE-2006-6442
The connected advisories confirm CVE-2006-6442 affects the Gracenote CDDBControl ActiveX control (cddbcontrol.dll) used in AOL software. A stack-based buffer overflow in SetClientInfo allows remote attackers to execute arbitrary code by providing a long ClientId/option string. Impact is remote co...