VYPR

Aol

by AOL

CVEs (8)

  • CVE-2010-10015HigAug 21, 2025
    risk 0.60cvss epss 0.00

    AOL versions up to and including 9.5 includes an ActiveX control (Phobos.dll) that exposes a method called Import() via the Phobos.Playlist COM object. This method is vulnerable to a stack-based buffer overflow when provided with an excessively long string argument. Exploitation…

  • CVE-2006-5820Apr 2, 2007
    risk 0.04cvss epss 0.08

    The LinkSBIcons method in the SuperBuddy ActiveX control (Sb.SuperBuddy.1) in America Online 9.0 Security Edition dereferences an arbitrary function pointer, which allows remote attackers to execute arbitrary code via a modified pointer value.

  • CVE-2007-1767Mar 30, 2007
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in (1) Deskbar.dll and (2) Toolbar.dll in AOL 9.0 before February 2007 allows remote attackers to cause a denial of service (browser crash) via unknown vectors.

  • CVE-2006-6442Dec 10, 2006
    risk 0.00cvss epss 0.05

    Stack-based buffer overflow in the SetClientInfo function in the CDDBControlAOL.CDDBAOLControl ActiveX control (cddbcontrol.dll), as used in America Online (AOL) 7.0 4114.563, 8.0 4129.230, and 9.0 Security Edition 4156.910, and possibly other products, allows remote attackers…

  • CVE-2006-5502Oct 25, 2006
    risk 0.00cvss epss 0.03

    Heap-based buffer overflow in the AOL.PicDownloadCtrl.1 ActiveX control (YGPPicDownload.dll) 9.2.3.0 in America Online (AOL) 9.0 Security Edition allows remote attackers to execute arbitrary code via the AddPictureNoAlbum method, a different vulnerability than CVE-2006-5501.

  • CVE-2006-5501Oct 25, 2006
    risk 0.00cvss epss 0.03

    Buffer overflow in the AOL.PicDownloadCtrl.1 ActiveX control (YGPPicDownload.dll) 9.2.3.0 in America Online (AOL) 9.0 Security Edition allows remote attackers to execute arbitrary code via the downloadFileDirectory property, a different vulnerability than CVE-2006-5502.

  • CVE-2006-0948Aug 21, 2006
    risk 0.00cvss epss 0.00

    AOL 9.0 Security Edition revision 4184.2340, and probably other versions, uses insecure permissions (Everyone/Full Control) for the "America Online 9.0" directory, which allows local users to gain privileges by replacing critical files.

  • CVE-2001-0314Jun 2, 2001
    risk 0.00cvss epss 0.02

    Buffer overflow in www.tol module in America Online (AOL) 5.0 may allow remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long URL in a link.