Описание
Stack-based buffer overflow in the SetClientInfo function in the CDDBControlAOL.CDDBAOLControl ActiveX control (cddbcontrol.dll), as used in America Online (AOL) 7.0 4114.563, 8.0 4129.230, and 9.0 Security Edition 4156.910, and possibly other products, allows remote attackers to execute arbitrary code via a long ClientId argument.
Ссылки
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:aol:aol_client_software:7.0_4114.563:*:*:*:*:*:*:*
cpe:2.3:a:aol:aol_client_software:8.0_4129.230:*:*:*:*:*:*:*
cpe:2.3:a:aol:aol_client_software:9.0:*:security_4156.910:*:*:*:*:*
EPSS
Процентиль: 94%
0.14856
Средний
9.3 Critical
CVSS2
Дефекты
CWE-119
Связанные уязвимости
github
почти 4 года назад
Stack-based buffer overflow in the SetClientInfo function in the CDDBControlAOL.CDDBAOLControl ActiveX control (cddbcontrol.dll), as used in America Online (AOL) 7.0 4114.563, 8.0 4129.230, and 9.0 Security Edition 4156.910, and possibly other products, allows remote attackers to execute arbitrary code via a long ClientId argument.
EPSS
Процентиль: 94%
0.14856
Средний
9.3 Critical
CVSS2
Дефекты
CWE-119