VYPR

Superbuddy Activex Control

by AOL

CVEs (2)

  • CVE-2009-3658HigOct 9, 2009
    risk 0.61cvss 8.8epss 0.09

    Use-after-free vulnerability in the Sb.SuperBuddy.1 ActiveX control (sb.dll) in America Online (AOL) 9.5.0.1 allows remote attackers to trigger memory corruption or possibly execute arbitrary code via a malformed argument to the SetSuperBuddy method.

  • CVE-2006-5820Apr 2, 2007
    risk 0.04cvss epss 0.08

    The LinkSBIcons method in the SuperBuddy ActiveX control (Sb.SuperBuddy.1) in America Online 9.0 Security Edition dereferences an arbitrary function pointer, which allows remote attackers to execute arbitrary code via a modified pointer value.