<h3>AOL You've Got Pictures ActiveX Control Buffer Overflow</h3>
Description:
A vulnerability has been reported in AOL, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a user's system.
The vulnerability is caused due to a boundary error in the YPG Picture Finder Tool ActiveX Control (YGPPicFinder.DLL). This can be exploited to cause a buffer overflow and may allow arbitrary code execution.
The vulnerability has been reported in AOL 8.0, 8.0 Plus, and 9.0 Classic. The vulnerable control was also distributed via the You've Got Pictures website prior to 2004.
Solution:
Update to AOL 9.0 Optimized and AOL 9.0 Security Edition or apply hotfix. http://download.newaol.com/security/YGPClean.exe
Reference: http://secunia.com/SA18521
------------------
Bob "Wiz" Feinberg
Moderator of the SGF Computers Forum
<small>Visit my Wiztunes Steel Guitar website at: http://www.wiztunes.com/
or my computer troubleshooting website: Wizcrafts Computer Services,
or my Webmaster Services webpage</small>
AOL You've Got Pictures ActiveX Buffer Overflow
Moderator: Wiz Feinberg
-
Wiz Feinberg
- Posts: 6113
- Joined: 8 Jan 1999 1:01 am
- Location: Mid-Michigan, USA