Vulnerability Description
The LinkSBIcons method in the SuperBuddy ActiveX control (Sb.SuperBuddy.1) in America Online 9.0 Security Edition dereferences an arbitrary function pointer, which allows remote attackers to execute arbitrary code via a modified pointer value.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Aol | Aol | 9.0 |
References
- http://osvdb.org/34318
- http://secunia.com/advisories/24714
- http://securityreason.com/securityalert/2513
- http://www.kb.cert.org/vuls/id/478225US Government Resource
- http://www.securityfocus.com/archive/1/464313/100/0/threaded
- http://www.securityfocus.com/bid/23224
- http://www.tippingpoint.com/security/advisories/TSRT-07-03.htmlVendor Advisory
- http://www.vupen.com/english/advisories/2007/1184
- https://exchange.xforce.ibmcloud.com/vulnerabilities/33347
- http://osvdb.org/34318
- http://secunia.com/advisories/24714
- http://securityreason.com/securityalert/2513
- http://www.kb.cert.org/vuls/id/478225US Government Resource
- http://www.securityfocus.com/archive/1/464313/100/0/threaded
- http://www.securityfocus.com/bid/23224
FAQ
What is CVE-2006-5820?
CVE-2006-5820 is a vulnerability with a CVSS score of 9.3 (HIGH). The LinkSBIcons method in the SuperBuddy ActiveX control (Sb.SuperBuddy.1) in America Online 9.0 Security Edition dereferences an arbitrary function pointer, which allows remote attackers to execute a...
How severe is CVE-2006-5820?
CVE-2006-5820 has been rated HIGH with a CVSS base score of 9.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2006-5820?
Check the references section above for vendor advisories and patch information. Affected products include: Aol Aol.