Vulnerability Description
Buffer overflow in AOL You've Got Pictures (YGP) Pic Downloader YGPPDownload ActiveX control (AOL.PicDownloadCtrl.1, YGPPicDownload.dll), as used in America Online 9.0 Security Edition, allows remote attackers to execute arbitrary code via a long argument to the SetAlbumName method.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Aol | Ygp Pic Downloader Activex Control | All versions |
References
- http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=420
- http://secunia.com/advisories/22304
- http://securitytracker.com/id?1017024
- http://www.kb.cert.org/vuls/id/661524US Government Resource
- http://www.kb.cert.org/vuls/id/MIMG-6MUUJ8
- http://www.securityfocus.com/bid/20425
- http://www.securityfocus.com/bid/20472
- http://www.vupen.com/english/advisories/2006/3967
- https://exchange.xforce.ibmcloud.com/vulnerabilities/29410
- https://exchange.xforce.ibmcloud.com/vulnerabilities/29494
- http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=420
- http://secunia.com/advisories/22304
- http://securitytracker.com/id?1017024
- http://www.kb.cert.org/vuls/id/661524US Government Resource
- http://www.kb.cert.org/vuls/id/MIMG-6MUUJ8
FAQ
What is CVE-2006-3888?
CVE-2006-3888 is a vulnerability with a CVSS score of 7.5 (HIGH). Buffer overflow in AOL You've Got Pictures (YGP) Pic Downloader YGPPDownload ActiveX control (AOL.PicDownloadCtrl.1, YGPPicDownload.dll), as used in America Online 9.0 Security Edition, allows remote ...
How severe is CVE-2006-3888?
CVE-2006-3888 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2006-3888?
Check the references section above for vendor advisories and patch information. Affected products include: Aol Ygp Pic Downloader Activex Control.