Vulnerability Details CVE-2006-3888
Buffer overflow in AOL You've Got Pictures (YGP) Pic Downloader YGPPDownload ActiveX control (AOL.PicDownloadCtrl.1, YGPPicDownload.dll), as used in America Online 9.0 Security Edition, allows remote attackers to execute arbitrary code via a long argument to the SetAlbumName method.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.178
EPSS Ranking 94.8%
CVSS Severity
CVSS v2 Score 7.5
References
- http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=420
- http://secunia.com/advisories/22304
- http://securitytracker.com/id?1017024
- http://www.kb.cert.org/vuls/id/661524
- http://www.kb.cert.org/vuls/id/MIMG-6MUUJ8
- http://www.securityfocus.com/bid/20425
- http://www.securityfocus.com/bid/20472
- http://www.vupen.com/english/advisories/2006/3967
- https://exchange.xforce.ibmcloud.com/vulnerabilities/29410
- https://exchange.xforce.ibmcloud.com/vulnerabilities/29494
- http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=420
- http://secunia.com/advisories/22304
- http://securitytracker.com/id?1017024
- http://www.kb.cert.org/vuls/id/661524
- http://www.kb.cert.org/vuls/id/MIMG-6MUUJ8
- http://www.securityfocus.com/bid/20425
- http://www.securityfocus.com/bid/20472
- http://www.vupen.com/english/advisories/2006/3967
- https://exchange.xforce.ibmcloud.com/vulnerabilities/29410
- https://exchange.xforce.ibmcloud.com/vulnerabilities/29494
Products affected by CVE-2006-3888
-
cpe:2.3:a:aol:ygp_pic_downloader_activex_control:*