High severityNVD Advisory· Published Aug 20, 2025· Updated Apr 15, 2026
CVE-2011-10027
CVE-2011-10027
Description
AOL Desktop 9.6 contains a buffer overflow vulnerability in its Tool\rich.rct component when parsing .rtx files. By embedding an overly long string in a hyperlink tag, an attacker can trigger a stack-based buffer overflow due to the use of unsafe strcpy operations. This allows remote attackers to execute arbitrary code when a victim opens a malicious .rtx file. AOL Desktop is end-of-life and no longer supported. Users are encouraged to migrate to AOL Desktop Gold or alternative platforms.
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
6- raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/fileformat/aol_desktop_linktag.rbnvd
- www.exploit-db.com/exploits/16085nvd
- www.exploit-db.com/exploits/16107nvd
- www.exploit-db.com/exploits/17150nvd
- www.fortiguard.com/encyclopedia/ips/26516nvd
- www.vulncheck.com/advisories/aol-desktop-rtx-stack-based-buffer-overflownvd
News mentions
0No linked articles in our index yet.