5 matches found
AOL Deskbar ActiveX code exeuction
AOL dnUpdater ActiveX uninitialized potiner...
AOL dnUpdater ActiveX dnu.exe Init() Method Remote Code Execution
The remote host has an install of the AOL dnUpdater ActiveX control dnu.exe prior to version 1.1.25.1. As such, it reportedly does not properly verify the function pointer passed by the 'pData' argument of the control's 'Init' method. A remote attacker could exploit this vulnerability by tricking...
AOL桌面工具栏未初始化指针远程代码执行漏洞
Bugtraq ID: 54146 AOL Deskbar是一款桌面工具栏软件。 AOL dnUpdater ActiveX控件存在安全漏洞,允许攻击者以应用程序上下文执行任意代码。 AOL dnUpdater ActiveX控件把部分参数传递给"Init"方法并作为函数指针使用,可被利用在任意内存位置执行任意指令。 0 AOL Deskbar AOL dnUpdater ActiveX Control 厂商解决方案 用户可参考如下供应商提供的升级程序:...
ZDI-12-098 : AOL Products dnUpdater ActiveX Uninitialized Pointer Remote Code Execution Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-098 : AOL Products dnUpdater ActiveX Uninitialized Pointer Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-098 June 21, 2012 - -- CVE ID: - -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P - -- Affected Vendors:...
AOL Products dnUpdater ActiveX Uninitialized Pointer Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of America Online's Toolbar, Desktop, IM, and winamp. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific...