Vulnerability Description
The default configuration of the America Online (AOL) client software allows all users to modify a certain registry value that specifies a DLL file name, which might allow local users to gain privileges via a Trojan horse program.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Aol | Aol Client Software | 8.0 |
References
- http://www.cs.princeton.edu/~sudhakar/papers/winval.pdf
- http://www.kb.cert.org/vuls/id/953860US Government Resource
- http://www.securityfocus.com/archive/1/423587/100/0/threaded
- http://www.securityfocus.com/bid/16453
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24498
- http://www.cs.princeton.edu/~sudhakar/papers/winval.pdf
- http://www.kb.cert.org/vuls/id/953860US Government Resource
- http://www.securityfocus.com/archive/1/423587/100/0/threaded
- http://www.securityfocus.com/bid/16453
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24498
FAQ
What is CVE-2006-0526?
CVE-2006-0526 is a vulnerability with a CVSS score of 7.2 (HIGH). The default configuration of the America Online (AOL) client software allows all users to modify a certain registry value that specifies a DLL file name, which might allow local users to gain privileg...
How severe is CVE-2006-0526?
CVE-2006-0526 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2006-0526?
Check the references section above for vendor advisories and patch information. Affected products include: Aol Aol Client Software.