CVE-2007-6699

Multiple buffer overflows in the AIM PicEditor 9.5.1.8 ActiveX control in YGPPicEdit.dll in AOL You've Got Pictures YGP Picture Editor allow remote attackers to cause a denial of service browser crash via a long string in the 1 DisplayName, 2 FinalSavePath, 3 ForceSaveTo, 4 HiddenControls, 5...

CVE-2007-6699

CVE-2007-6699 concerns multiple buffer overflows in the AIM PicEditor 9.5.1.8 ActiveX control (YGPPicEdit.dll) used by AOL You've Got Pictures (YGP) Picture Editor. The vulnerability arises from handling long string values in specific properties (DisplayName, FinalSavePath, ForceSaveTo, HiddenCon...

aolygp-overflows.txt

The AOL YGP Picture Editor ControlAIM PicEditor Control version 9.5.1.8 suffers from multiple exploitable buffer overflows in various properties. This object is marked safe for scripting. I have not tested other versions. PoC as follows: ---------------- function Check var s = 'A'; while s.length...

[Full-disclosure] AOL YGP Picture Editor YGPPicEdit.dll Multiple Buffer Overflows

The AOL YGP Picture Editor ControlAIM PicEditor Control version 9.5.1.8 suffers from multiple exploitable buffer overflows in various properties. This object is marked safe for scripting. I have not tested other versions. PoC as follows: ---------------- !-- written by e.b. -- html head script...

AOL AIM YGP Picture Editor ActiveX control buffer overflow

Buffer overflows in different properties...

CVE-2006-3887

The CVE-2006-3887 issue affects AOL’s You’ve Got Pictures (YGP) Screensaver ActiveX control. A buffer overflow in the ActiveX control may allow a remote attacker to execute arbitrary code on a vulnerable system when a user is convinced to view a crafted HTML document. This is associated with the ...

CVE-2006-3888

The CVE-2006-3888 issue affects AOL You’ve Got Pictures (YGP) Pic Downloader ActiveX control (AOL.PicDownloadCtrl.1, YGPPicDownload.dll) used in AOL 9.0 Security Edition. A buffer overflow allows remote attackers to execute arbitrary code via a long argument to SetAlbumName. The vulnerability is ...

AOL YGP Screensaver ActiveX control buffer overflow

Overview The AOL YGP Screensaver ActiveX control contains a buffer overflow vulnerability, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description The AOL YGP You've Got Pictures Screensaver ActiveX control is a component that comes with AO...

Buffer overflow

Buffer overflow in YGPPicFinder.DLL in AOL You've Got Pictures YGP Picture Finder Tool ActiveX Control, as used in AOL 8.0, 8.0 Plus, and 9.0 Classic, allows remote attackers to execute arbitrary code via unspecified vectors...

CVE-2006-0316

Buffer overflow in YGPPicFinder.DLL in AOL You've Got Pictures YGP Picture Finder Tool ActiveX Control, as used in AOL 8.0, 8.0 Plus, and 9.0 Classic, allows remote attackers to execute arbitrary code via unspecified vectors...

CVE-2006-0316

Buffer overflow in YGPPicFinder.DLL in AOL You've Got Pictures YGP Picture Finder Tool ActiveX Control, as used in AOL 8.0, 8.0 Plus, and 9.0 Classic, allows remote attackers to execute arbitrary code via unspecified vectors...